Network Working Group P. M. Hallam-Baker Internet-Draft ThresholdSecrets.com Intended status: Informational 14 October 2024 Expires: 17 April 2025 Mathematical Mesh 3.0 Part V: Protocol Reference draft-hallambaker-mesh-protocol-16 Abstract The Mathematical Mesh 'The Mesh' is an end-to-end secure infrastructure that facilitates the exchange of configuration and credential data between multiple user devices. The core protocols of the Mesh are described with examples of common use cases and reference data. [Note to Readers] Discussion of this draft takes place on the MATHMESH mailing list (mathmesh@ietf.org), which is archived at https://mailarchive.ietf.org/arch/search/?email_list=mathmesh. This document is also available online at http://mathmesh.com/Documents/draft-hallambaker-mesh-protocol.html. Status of This Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at https://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on 17 April 2025. Copyright Notice Copyright (c) 2024 IETF Trust and the persons identified as the document authors. All rights reserved. Hallam-Baker Expires 17 April 2025 [Page 1] Internet-Draft Mesh Protocol Reference October 2024 This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/ license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 5 2. Definitions . . . . . . . . . . . . . . . . . . . . . . . . . 6 2.1. Requirements Language . . . . . . . . . . . . . . . . . . 6 2.2. Defined Terms . . . . . . . . . . . . . . . . . . . . . . 6 2.3. Related Specifications . . . . . . . . . . . . . . . . . 6 2.4. Implementation Status . . . . . . . . . . . . . . . . . . 6 3. Mesh Protocols . . . . . . . . . . . . . . . . . . . . . . . 6 4. Mesh Service . . . . . . . . . . . . . . . . . . . . . . . . 7 4.1. Data Model . . . . . . . . . . . . . . . . . . . . . . . 8 4.2. Partitioning . . . . . . . . . . . . . . . . . . . . . . 8 5. Protocol Bindings . . . . . . . . . . . . . . . . . . . . . . 8 6. Mesh Service Operations . . . . . . . . . . . . . . . . . . . 9 6.1. Service Description . . . . . . . . . . . . . . . . . . . 9 6.2. Account Management . . . . . . . . . . . . . . . . . . . 11 6.2.1. Bind Account . . . . . . . . . . . . . . . . . . . . 11 6.2.2. Unbind Account . . . . . . . . . . . . . . . . . . . 16 6.2.3. Account Recovery and Transfer. . . . . . . . . . . . 16 6.3. Persistence Store Management . . . . . . . . . . . . . . 17 6.3.1. Status . . . . . . . . . . . . . . . . . . . . . . . 17 6.3.2. Download . . . . . . . . . . . . . . . . . . . . . . 20 6.3.3. Transact . . . . . . . . . . . . . . . . . . . . . . 21 6.4. Device Connection . . . . . . . . . . . . . . . . . . . . 23 6.4.1. Connect . . . . . . . . . . . . . . . . . . . . . . . 23 6.4.2. Complete . . . . . . . . . . . . . . . . . . . . . . 28 6.5. Publication . . . . . . . . . . . . . . . . . . . . . . . 40 6.5.1. Claim Transaction . . . . . . . . . . . . . . . . . . 40 6.5.2. PollClaim Transaction . . . . . . . . . . . . . . . . 44 6.6. Cryptographic . . . . . . . . . . . . . . . . . . . . . . 45 6.6.1. Generate Key Shares . . . . . . . . . . . . . . . . . 47 6.6.2. Threshold Sign . . . . . . . . . . . . . . . . . . . 48 6.7. Messaging . . . . . . . . . . . . . . . . . . . . . . . . 48 6.7.1. Sender. . . . . . . . . . . . . . . . . . . . . . . . 48 6.7.2. Outbound Service . . . . . . . . . . . . . . . . . . 48 6.7.3. Inbound Service . . . . . . . . . . . . . . . . . . . 49 6.7.4. Recipient . . . . . . . . . . . . . . . . . . . . . . 49 7. Access Control . . . . . . . . . . . . . . . . . . . . . . . 50 7.1. Direct authorization . . . . . . . . . . . . . . . . . . 50 7.2. Access Catalog authentication . . . . . . . . . . . . . . 50 8. Message Interactions . . . . . . . . . . . . . . . . . . . . 50 8.1. Message PIN Interaction . . . . . . . . . . . . . . . . . 50 Hallam-Baker Expires 17 April 2025 [Page 2] Internet-Draft Mesh Protocol Reference October 2024 8.1.1. Registration . . . . . . . . . . . . . . . . . . . . 51 8.1.2. Authentication . . . . . . . . . . . . . . . . . . . 51 8.1.3. Validation . . . . . . . . . . . . . . . . . . . . . 52 8.1.4. Example . . . . . . . . . . . . . . . . . . . . . . . 52 8.2. Completion Interaction . . . . . . . . . . . . . . . . . 53 8.3. Contact Exchange Interaction . . . . . . . . . . . . . . 54 8.3.1. Remote . . . . . . . . . . . . . . . . . . . . . . . 54 8.3.2. PIN . . . . . . . . . . . . . . . . . . . . . . . . . 57 8.3.3. EARL . . . . . . . . . . . . . . . . . . . . . . . . 57 8.4. Group Invitation . . . . . . . . . . . . . . . . . . . . 57 8.5. Confirmation Interaction . . . . . . . . . . . . . . . . 58 9. Device Connection Interactions . . . . . . . . . . . . . . . 59 9.1. Witness/PIN Authenticated . . . . . . . . . . . . . . . . 61 9.1.1. Phase 1: . . . . . . . . . . . . . . . . . . . . . . 62 9.1.2. Phase 2: . . . . . . . . . . . . . . . . . . . . . . 62 9.1.3. Phase 3: . . . . . . . . . . . . . . . . . . . . . . 66 9.1.4. Phase 4 . . . . . . . . . . . . . . . . . . . . . . . 75 9.2. Preconfigured (Static QR Code) . . . . . . . . . . . . . 76 9.2.1. Phase 1 . . . . . . . . . . . . . . . . . . . . . . . 77 9.2.2. Phase 2 & 3 . . . . . . . . . . . . . . . . . . . . . 80 9.2.3. Phase 4 . . . . . . . . . . . . . . . . . . . . . . . 80 9.2.4. Phase 5 . . . . . . . . . . . . . . . . . . . . . . . 80 10. Protocol Schema . . . . . . . . . . . . . . . . . . . . . . . 80 10.1. Request Messages . . . . . . . . . . . . . . . . . . . . 81 10.1.1. Message: MeshRequest . . . . . . . . . . . . . . . . 81 10.1.2. Message: MeshRequestUser . . . . . . . . . . . . . . 81 10.2. Response Messages . . . . . . . . . . . . . . . . . . . 81 10.2.1. Message: MeshResponse . . . . . . . . . . . . . . . 81 10.3. Imported Objects . . . . . . . . . . . . . . . . . . . . 82 10.4. Common Structures . . . . . . . . . . . . . . . . . . . 82 10.4.1. Structure: KeyValue . . . . . . . . . . . . . . . . 82 10.4.2. Structure: ConstraintsSelect . . . . . . . . . . . . 82 10.4.3. Structure: ConstraintsData . . . . . . . . . . . . . 83 10.4.4. Structure: PolicyAccount . . . . . . . . . . . . . . 83 10.4.5. Structure: StoreStatus . . . . . . . . . . . . . . . 83 10.4.6. Structure: StoreUpdate . . . . . . . . . . . . . . . 84 10.5. Transaction: Hello . . . . . . . . . . . . . . . . . . . 84 10.5.1. Message: MeshHelloRequest . . . . . . . . . . . . . 84 10.5.2. Message: MeshHelloResponse . . . . . . . . . . . . . 84 10.6. Transaction: BindAccount . . . . . . . . . . . . . . . . 85 10.6.1. Message: BindRequest . . . . . . . . . . . . . . . . 85 10.6.2. Message: BindResponse . . . . . . . . . . . . . . . 85 10.7. Transaction: UnbindAccount . . . . . . . . . . . . . . . 86 10.7.1. Message: UnbindRequest . . . . . . . . . . . . . . . 86 10.7.2. Message: UnbindResponse . . . . . . . . . . . . . . 86 10.8. Transaction: Connect . . . . . . . . . . . . . . . . . . 86 10.8.1. Message: ConnectRequest . . . . . . . . . . . . . . 86 10.8.2. Message: ConnectResponse . . . . . . . . . . . . . . 86 Hallam-Baker Expires 17 April 2025 [Page 3] Internet-Draft Mesh Protocol Reference October 2024 10.9. Transaction: Complete . . . . . . . . . . . . . . . . . 87 10.9.1. Message: CompleteRequest . . . . . . . . . . . . . . 87 10.9.2. Message: CompleteResponse . . . . . . . . . . . . . 87 10.10. Transaction: Status . . . . . . . . . . . . . . . . . . 87 10.10.1. Message: StatusRequest . . . . . . . . . . . . . . 87 10.10.2. Message: StatusResponse . . . . . . . . . . . . . . 88 10.10.3. Structure: DeviceStatus . . . . . . . . . . . . . . 88 10.11. Transaction: Download . . . . . . . . . . . . . . . . . 88 10.11.1. Message: DownloadRequest . . . . . . . . . . . . . 89 10.11.2. Message: DownloadResponse . . . . . . . . . . . . . 89 10.12. Transaction: Transact . . . . . . . . . . . . . . . . . 89 10.12.1. Message: TransactRequest . . . . . . . . . . . . . 90 10.12.2. Message: TransactResponse . . . . . . . . . . . . . 90 10.12.3. Structure: EntryResponse . . . . . . . . . . . . . 90 10.13. Transaction: PublicRead . . . . . . . . . . . . . . . . 91 10.13.1. Message: PublicRequest . . . . . . . . . . . . . . 91 10.14. Transaction: Post . . . . . . . . . . . . . . . . . . . 91 10.14.1. Message: PostRequest . . . . . . . . . . . . . . . 91 10.14.2. Message: PostResponse . . . . . . . . . . . . . . . 92 10.15. Transaction: Claim . . . . . . . . . . . . . . . . . . . 92 10.15.1. Message: ClaimRequest . . . . . . . . . . . . . . . 92 10.15.2. Message: ClaimResponse . . . . . . . . . . . . . . 92 10.16. Transaction: PollClaim . . . . . . . . . . . . . . . . . 92 10.16.1. Message: PollClaimRequest . . . . . . . . . . . . . 92 10.16.2. Message: PollClaimResponse . . . . . . . . . . . . 93 10.16.3. Structure: CryptographicOperation . . . . . . . . . 93 10.16.4. Structure: CryptographicOperationSign . . . . . . . 93 10.16.5. Structure: CryptographicOperationKeyAgreement . . . 93 10.16.6. Structure: CryptographicOperationGenerate . . . . . 93 10.16.7. Structure: CryptographicOperationShare . . . . . . 93 10.16.8. Structure: CryptographicResult . . . . . . . . . . 93 10.16.9. Structure: CryptographicResultKeyAgreement . . . . 94 10.16.10. Structure: CryptographicResultShare . . . . . . . . 94 10.17. Transaction: Operate . . . . . . . . . . . . . . . . . . 94 10.17.1. Message: OperateRequest . . . . . . . . . . . . . . 94 10.17.2. Message: OperateResponse . . . . . . . . . . . . . 94 11. Security Considerations . . . . . . . . . . . . . . . . . . . 94 12. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 94 13. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 94 14. Normative References . . . . . . . . . . . . . . . . . . . . 95 15. Informative References . . . . . . . . . . . . . . . . . . . 96 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 96 Hallam-Baker Expires 17 April 2025 [Page 4] Internet-Draft Mesh Protocol Reference October 2024 1. Introduction This document describes the Mesh Service protocol supported by Mesh Services, an account-based protocol that facilitates exchange of data between devices connected to a Mesh profile and between Mesh accounts. Mesh Service Accounts support the following services: * Provides the master persistence store for the Catalogs and Spools associated with the account. * Enables synchronization of Catalogs and Spools with connected devices. * Enforces access control on inbound Mesh Messages from other users and other Mesh Services. * Authenticates outbound Mesh Messages, certifying that they comply with abuse mitigation policies. A Mesh Profile MAY be bound to multiple Mesh Service Accounts at the same time but only one Mesh Service Account is considered to be authoritative at a time. Users may add or remove Mesh Service Accounts and change the account designated as authoritative at any time. The Mesh Services are build from a very small set of primitives which provide a surprisingly extensive set of capabilities. These primitives are: Hello Describes the features and options provided by the service and provides a 'null' transaction which MAY be used to establish an authentication ticket without performing any action, CreateAccount, DeleteAccount Manage the creation and deletion of accounts at the service. Status, Download, Upload Support synchronization of Mesh containers between the service (Master) and the connected devices (Replicas). Connect Initiate the process of connecting a device to a Mesh profile from the device itself. Post Request that a Mesh Message be transferred to one or more Mesh Accounts. Hallam-Baker Expires 17 April 2025 [Page 5] Internet-Draft Mesh Protocol Reference October 2024 Although these functions could in principle be used to replace many if not most existing Internet application protocols, the principal value of any communication protocol lies in the size of the audience it allows them to communicate with. Thus, while the Mesh Messaging service is designed to support efficient and reliable transfer of messages ranging in size from a few bytes to multiple terabytes, the near-term applications of these services will be to applications that are not adequately supported by existing protocols if at all. 2. Definitions This section presents the related specifications and standard, the terms that are used as terms of art within the documents and the terms used as requirements language. 2.1. Requirements Language The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119]. 2.2. Defined Terms The terms of art used in this document are described in the _Mesh Architecture Guide_ [draft-hallambaker-mesh-architecture]. 2.3. Related Specifications The architecture of the Mathematical Mesh is described in the _Mesh Architecture Guide_ [draft-hallambaker-mesh-architecture]. The Mesh documentation set and related specifications are described in this document. 2.4. Implementation Status The implementation status of the reference code base is described in the companion document [draft-hallambaker-mesh-developer]. 3. Mesh Protocols The Mesh specifies two separate types of protocol interactions: Mesh Service Protocol A synchronous protocol supporting interactions between devices and a Mesh Service Host and between Mesh Service hosts. Mesh Messaging Protocol An asynchronous protocol that supports Hallam-Baker Expires 17 April 2025 [Page 6] Internet-Draft Mesh Protocol Reference October 2024 interactions between devices connected to the same account and between accounts. The Mesh Messaging Protocol uses the Mesh Service Protocol as transport. The Mesh Service Protocol in turn makes use of Reliable UDP Datagram (RUD) [draft-hallambaker-mesh-rud] for framing and authentication of individual requests and responses. These RUS packets are in turn exchanged over either HTTPS (i.e. a Web Service) or directly over UDP. (Artwork only available as svg: see https://www.ietf.org/archive/id/ draft-hallambaker-mesh-protocol-16.html) Figure 1: Protocol Layering Mesh Services MUST support the HTTPS binding and MAY support the UDP binding. 4. Mesh Service A Mesh Service is a minimally trusted service. In particular a user does not need to trust a Mesh service to protect the confidentiality or integrity of most data stored in the account catalogs and spools. Unless the use of the Mesh Service is highly restricted, a user does need to trust the Mesh Service in certain respects: Data Loss A service could refuse to respond to requests to download data. Integrity (Stale Data) The use of Merkle Trees limits but does not eliminate the ability of a Mesh Service to respond to requests with stale data. Messaging A service could reject requests to post messages to or accept messages from other mesh users. This risk is a necessary consequence of the fact that the Mesh Service Provider is accountable to other Mesh Service Providers for abuse originating from their service. Traffic analysis A Mesh Service has knowledge of the number of Mesh Messages being sent and received by its users and the addresses to which they are being sent to or received from. The need to trust the Mesh Service in these respects is mitigated by accountability and the user's ability to change Mesh Service providers at any time they choose with minimal inconvenience. Hallam-Baker Expires 17 April 2025 [Page 7] Internet-Draft Mesh Protocol Reference October 2024 It is possible that some of these risks will be reduced in future versions of the Mesh Service Protocol but it is highly unlikely that these can be eliminated entirely without compromising practicality or efficiency. 4.1. Data Model The design of the Mesh Service model followed a quasi-formal approach in which the system was reduced to schemas which could in principle be rendered in a formal development method but without construction of proofs. Like the contents of Mesh Accounts, a Mesh Service may be represented by a collection of catalogs and spools, for example: Account Catalog Contains the account entries. Incident Spool Reports of potential abuse Backup of the service MAY be implemented using the same container synchronization mechanism used to synchronize account catalogs and spools. 4.2. Partitioning Mesh Services supporting a large number of accounts or large activity volume MAY partition the account catalog between one or more hosts using the usual tiered service model in which a front-end server receives traffic for any account hosted at the server and routes the request to the back-end service that provides the persistence store for that account. In addition, the Mesh Service Protocol supports a 'direct connection' partitioning model in which devices are given a DNS name which MAY allow for direct connection to the persistence host or to a front-end service offering service that is in some way specific to that account. 5. Protocol Bindings The protocol binding maps the abstract protocol definition specified in this document to the network protocol format. * Discovery of network services. * Construction of the payload data by serializing request and response messages. Hallam-Baker Expires 17 April 2025 [Page 8] Internet-Draft Mesh Protocol Reference October 2024 * Authentication of the payload data. * Confidentiality controls to protect against traffic analysis Currently only one protocol binding is specified: JSON-BCD Application Binding [draft-hallambaker-jsonbcd] over Reliable User Datagram (RUD) [draft-hallambaker-mesh-rud]. *JSON-BCD Application Binding* specifies the means by which data types such as 'integer' and 'datetime' etc. given in this document are serialized using JSON/JSON-B encoding. *Reliable User Datagram* offers a presentation layer over a choice of HTTP or UDP transport. 6. Mesh Service Operations The Mesh Service operations are divided into the following functional groups: Service Description Describes the service. Account Management Operations used to create, reclaim, and delete accounts. Persistence Store Management Operations used to synchronize persistence store data across connected devices. [May be replaced in a future revision] Device Connection Operations used by devices requesting connection to the account. Publication Operations allowing a watched document to be posted to the service and claims made on the document returned to a device. Cryptographic Cryptographic operations, including threshold operations performed by the service. Messaging Exchange of messages between Mesh Services. 6.1. Service Description The Hello transaction is used to determine the features supported by the service and obtain the service profile. The request payload only specifies that is is a request for the service description: Hallam-Baker Expires 17 April 2025 [Page 9] Internet-Draft Mesh Protocol Reference October 2024 { "HelloRequest":{}} The response payload describes the service and the host providing that service: { "MeshHelloResponse":{ "EnvelopedProfileService":[{ "EnvelopeId":"MBQD-ETXU-HZRW-A26O-WDTR-K7GI-X6JD", "ContentMetaData":"ewogICJVbmlxdWVJZCI6ICJNQlFELUVUWFUtSF pSVy1BMjZPLVdEVFItSzdHSS1YNkpEIiwKICAiTWVzc2FnZVR5cGUiOiAiUHJvZml sZVNlcnZpY2UiLAogICJjdHkiOiAiYXBwbGljYXRpb24vbW1tL29iamVjdCIsCiAg IkNyZWF0ZWQiOiAiMjAyNC0xMC0xNFQxMzoxMDo0NFoifQ", "dig":"S512"}, "ewogICJQcm9maWxlU2VydmljZSI6IHsKICAgICJTZXJ2aWNlQXV0aGVudG ljYXRpb24iOiB7CiAgICAgICJVZGYiOiAiTURZSS1JMkJILUhNTDMtSDZZSy1HTll XLUpKWEYtTlZESCIsCiAgICAgICJQdWJsaWNQYXJhbWV0ZXJzIjogewogICAgICAg ICJQdWJsaWNLZXlFQ0RIIjogewogICAgICAgICAgImNydiI6ICJYNDQ4IiwKICAgI CAgICAgICJQdWJsaWMiOiAiZ0g2UU15WXg1cWZPUmFOTnZzWnlSODNCTTBhbkVqLV ZxQ29MLTZrX0JoZEZZUThRcHJvNQogIDhwMGhyVFJNVExacnJCZFdwanRQS2l1QSJ 9fX0sCiAgICAiU2VydmljZUVuY3J5cHRpb24iOiB7CiAgICAgICJVZGYiOiAiTUE0 TC1VRTVBLUU0VkctVUdSSy1UVlQyLTNMSEctWTdOViIsCiAgICAgICJQdWJsaWNQY XJhbWV0ZXJzIjogewogICAgICAgICJQdWJsaWNLZXlFQ0RIIjogewogICAgICAgIC AgImNydiI6ICJYNDQ4IiwKICAgICAgICAgICJQdWJsaWMiOiAiS1BybjZhUHRSSEd MYkkyYUVIeklfZHRQRGdhR01TU0x4a0RfZFdzVEJZVkUxS2ZUM2tBTwogIHFSMjlQ ODJDLU5ydFphcG53eFpmRlRnQSJ9fX0sCiAgICAiU2VydmljZVNpZ25hdHVyZSI6I HsKICAgICAgIlVkZiI6ICJNQzZMLVQ1UDYtVVpDUS1SUkQ3LVZNSk0tRTJLUS1BWk hFIiwKICAgICAgIlB1YmxpY1BhcmFtZXRlcnMiOiB7CiAgICAgICAgIlB1YmxpY0t leUVDREgiOiB7CiAgICAgICAgICAiY3J2IjogIkVkNDQ4IiwKICAgICAgICAgICJQ dWJsaWMiOiAieTVhN1hYZG9mX0F6aTh1ZVRkZFNJWng5ZkZnRDdaZlhCVDktTjZlN XFlQl9wUXRudXJ5bAogIFJOeGUydzVIckNWOXNZejJqcjN1NFhxQSJ9fX0sCiAgIC AiUm9vdFVkZnMiOiBbIllCTGtrWFZRYmRxZWE4MVFWSWtwcHAwRE9CdHRKRmNvVEk 3VVZld3JldU1CQUozejZuCiAgTW1mMzFGYjRoRnktT0pqWVdoOTVFMHNwTlV2UGpN anczTm9wQSJdfX0", { "signatures":[{ "alg":"ED448", "kid":"MAJO-JELV-KBW5-VHTL-ZVIF-JCJJ-U2OQ", "SignatureKey":{ "PublicKeyECDH":{ "crv":"Ed448", "Public":"HrzNjtG9zQoqxzKGX1fa5ewkB0g6P7HQfinZuUC Y_q4Ke778BqDQPwE8kpSgU7aulAUJIk8Ue-kA"}}, "signature":"u2U3pzAR-p3SyPylngueVqwseBYnkzJ0cXSsmT5j yKqMNKLb6EIhA4Q_m9W4qaj5MfpkFwwI6kQA6Kh59w0zmMrPPfTgPE3mxCJ5qLj4S hkMMubJwSb_L4Ef8rqKSZ9vGHdEuTImoU1rFnQAHeorqzsA"} ], Hallam-Baker Expires 17 April 2025 [Page 10] Internet-Draft Mesh Protocol Reference October 2024 "PayloadDigest":"GpwjTMrI_kI51EPsErCiiBEe3XJXntbI2Xkd4uX- sW6Ix81ljSbMDnALW0hua0peCyMOVvBV2iyZb3cRnQh6mA"} ], "Version":{ "Major":3, "Minor":0, "Encodings":[{ "ID":["application/json" ]} ]}, "Status":201}} The current revision of the specification is designed for small scale deployments in which the service is provided by a single host. The approach will require revision in future versions to fully support a service being provided by multiple hosts with accounts being transferred between the hosts to allow balancing of load. 6.2. Account Management There are three account management operations: BindAccount Create an account bound to a service address. UnbindAccount Delete an account bound to a service address RecoverAccount [TBS] Reclaim an account using a recovered primary secret. The BindAccount operation is used to create User and Group accounts. Currently, these account types are distinct. This may change in future releases. 6.2.1. Bind Account A User Account is bound to a Mesh Service by completing a BindAccount operation with the service. The BindAccount transaction is unique in that it can fail to complete for reasons that are outside the scope of the Mesh specifications. Creation of an account might require payment to be made or authentication of the user's credentials. It is thus quite normal for the result of a CreateRequest to be the account being created in an 'on hold' state which can only be changed out of band. Hallam-Baker Expires 17 April 2025 [Page 11] Internet-Draft Mesh Protocol Reference October 2024 If the request is at least partially successful, a BindResponse message is returned. In the case of partial success, a description of the request status and link to a Web page providing further details MAY be returned. The request payload contains all the information needed to create the account: * The account address * The account profile Since there is no Access Catalog until the account is created, the Bind Account request and subsequent requests used to initialize the access catalog for the account MUST be authenticated by the Account Authentication key. Alice requests creation of the account alice@example.com. The request payload is: { "BindRequest":{ "AccountAddress":"alice@example.com", "EnvelopedProfileAccount":[{ "EnvelopeId":"MBQC-7OHA-RNBA-FRDL-R4GI-YQHA-DL36", "ContentMetaData":"ewogICJVbmlxdWVJZCI6ICJNQlFDLTdPSEEtUk 5CQS1GUkRMLVI0R0ktWVFIQS1ETDM2IiwKICAiTWVzc2FnZVR5cGUiOiAiUHJvZml sZVVzZXIiLAogICJjdHkiOiAiYXBwbGljYXRpb24vbW1tL29iamVjdCIsCiAgIkNy ZWF0ZWQiOiAiMjAyNC0xMC0xNFQxMzoxMDo0NVoifQ", "dig":"S512"}, "ewogICJQcm9maWxlVXNlciI6IHsKICAgICJDb21tb25TaWduYXR1cmUiOi B7CiAgICAgICJVZGYiOiAiTUROVC1XVDNHLTM0NkctNEk1VC1ZVjdGLUxUUVgtUFN OVCIsCiAgICAgICJQdWJsaWNQYXJhbWV0ZXJzIjogewogICAgICAgICJQdWJsaWNL ZXlFQ0RIIjogewogICAgICAgICAgImNydiI6ICJFZDQ0OCIsCiAgICAgICAgICAiU HVibGljIjogIklNeU1vN2ZFeTJ2SHA4c3lRMFZVNFhpdnBKRWhnUVFTWDNqOG12YT RIQ19UMDVVbmhRWXEKICBWWnl1dklRRVZvMmR5TUNSbTYwUTNFMEEifX19LAogICA gIkFjY291bnRBZGRyZXNzIjogImFsaWNlQGV4YW1wbGUuY29tIiwKICAgICJTZXJ2 aWNlVWRmIjogIk1CUUQtRVRYVS1IWlJXLUEyNk8tV0RUUi1LN0dJLVg2SkQiLAogI CAgIkVzY3Jvd0VuY3J5cHRpb24iOiB7CiAgICAgICJVZGYiOiAiTUNLRC0zTVI2LV AyVEUtTTZVNC00TElPLVpUUkctRFpWUyIsCiAgICAgICJQdWJsaWNQYXJhbWV0ZXJ zIjogewogICAgICAgICJQdWJsaWNLZXlFQ0RIIjogewogICAgICAgICAgImNydiI6 ICJYNDQ4IiwKICAgICAgICAgICJQdWJsaWMiOiAiMXZOVUFBcDNyc3pJcGhHOEVzZ m9hTzVZNnNaQ24wSGM4ekNnZFFpdllwSkFjRHRta1NzQwogIGVJMmdtRFRDSzZTcl MxVWdQdHVZbVR3QSJ9fX0sCiAgICAiQWRtaW5pc3RyYXRvclNpZ25hdHVyZSI6IHs KICAgICAgIlVkZiI6ICJNRDJMLTZNN0MtWjNaMy1RM0FMLUpGWUktWklVQy1CS1VS IiwKICAgICAgIlB1YmxpY1BhcmFtZXRlcnMiOiB7CiAgICAgICAgIlB1YmxpY0tle UVDREgiOiB7CiAgICAgICAgICAiY3J2IjogIkVkNDQ4IiwKICAgICAgICAgICJQdW JsaWMiOiAiYkhvS2IwYzEyRjdjaWJNXzNnWmNKWE16T09YNHNuSGdQVndPZlJZazZ Hallam-Baker Expires 17 April 2025 [Page 12] Internet-Draft Mesh Protocol Reference October 2024 BUkpPc0dQZW1zZAogIDJCbTBXZm1Ba1JZTzNFUTZmajhfTnpTQSJ9fX0sCiAgICAi Q29tbW9uRW5jcnlwdGlvbiI6IHsKICAgICAgIlVkZiI6ICJNQVlGLUQ3TEotNUlNU C1FVUNHLUhTR0gtN0xTUi1BQVBaIiwKICAgICAgIlB1YmxpY1BhcmFtZXRlcnMiOi B7CiAgICAgICAgIlB1YmxpY0tleUVDREgiOiB7CiAgICAgICAgICAiY3J2IjogIlg 0NDgiLAogICAgICAgICAgIlB1YmxpYyI6ICJjN29vcko4MDhzYzlkNDBLWERoSUhn Q1RGejM5TUszSmpPMFE3S191ZkRFR0RLaXdWS2hkCiAgM29QUTQ0UEVxR2p3a3BwN 09mYmNCYlNBIn19fSwKICAgICJDb21tb25BdXRoZW50aWNhdGlvbiI6IHsKICAgIC AgIlVkZiI6ICJNQUZULVNJTkEtU0ZYSS1QQkRZLVdSSEUtTlhZTC1EWFZUIiwKICA gICAgIlB1YmxpY1BhcmFtZXRlcnMiOiB7CiAgICAgICAgIlB1YmxpY0tleUVDREgi OiB7CiAgICAgICAgICAiY3J2IjogIlg0NDgiLAogICAgICAgICAgIlB1YmxpYyI6I CJYY2dFejl5MmNxc3g0WmViR0VSVGpyTi14ek44M0QtcGN4MDY1MXgtV1VDcVlOcn NuelRICiAgNDBDcG9NeHVOLUZucFQ1bV9iME15dUtBIn19fSwKICAgICJSb290VWR mcyI6IFsiWUJKUjNqUjJQbGpkWWs1cXhiV2RIWTByVFlFYUZBa0hZM01tc1I4enZO MURyMzNSbkwKICBVTDNUaHJHOURNV0JaM1AtOFp5R3p5S2FRWXdlY28yWlV0Y0t3I l19fQ", { "signatures":[{ "alg":"ED448", "kid":"MAJF-DXRU-OY7F-RXLC-JZVM-LNM5-DWGS", "SignatureKey":{ "PublicKeyECDH":{ "crv":"Ed448", "Public":"9sZGEfYSIoTvVSL0Q5c_Oip_Hi2iOTsl4L3iLwh fOv9bA-5nd7PyRooKEsQx-lA7PMAYBewSOmIA"}}, "signature":"6x3k8AC2jkUQv0jzlUVWJDqP7zcNkKAqvPcAs7Ci 2jXULjbIFAFCct8GC8Nb8KiD5ljoLAsVHr-AnYcjklyXSHN6Gn_BIZiLiW3Yu5_Ch XHspywX-ZGMD6soXJIilOzreauR-_aiUE7Gx0eh3Fje2wEA"} ], "PayloadDigest":"tXPfbmg_SRmARF_7HLPq-bM6NMO1h1Oa30f_Ag_T IRzGKMrmTKtV7XH-h3NIBFGxOQYuD0BproKNEg6uhtG0Mw"} ], "EnvelopedCallsignBinding":[[{ "ContentMetaData":"ewogICJNZXNzYWdlVHlwZSI6ICJDYWxsc2ln bkJpbmRpbmciLAogICJjdHkiOiAiYXBwbGljYXRpb24vbW1tL29iamVjdCIsCiAgI kNyZWF0ZWQiOiAiMjAyNC0xMC0xNFQxMzoxMDo0NVoifQ", "dig":"S512"}, "ewogICJDYWxsc2lnbkJpbmRpbmciOiB7CiAgICAiQ2Fub25pY2FsIjog ImFsaWNlQGV4YW1wbGUuY29tIiwKICAgICJEaXNwbGF5IjogImFsaWNlQGV4YW1wb GUuY29tIiwKICAgICJQcm9maWxlVWRmIjogIk1CUUMtN09IQS1STkJBLUZSREwtUj RHSS1ZUUhBLURMMzYiLAogICAgIlNlcnZpY2VzIjogW3sKICAgICAgICAiUHJlZml 4IjogIm1tbSJ9XX19", { "signatures":[{ "alg":"ED448", "kid":"MD2L-6M7C-Z3Z3-Q3AL-JFYI-ZIUC-BKUR", "signature":"-Pp_ckhL8JOcz6YRG466UJn9waIRn8KzCLZv_7 9OjTnOla3emASatCkLlMDHoppgzVnl3E8oYMuAY0W8MAZopsg5fLDAB7yTUKE1Cgi boHAZ2FydtHpKuXMwbh9TxZUUlCA8rj4b91k75jmf7B2sJgsA"} Hallam-Baker Expires 17 April 2025 [Page 13] Internet-Draft Mesh Protocol Reference October 2024 ], "PayloadDigest":"kLv_SVV9EuL9uUX1T38TUz5GH5z5FyEkJsHMUo J_gDeAwsZ_3ZNmJ_cbvrQSH-wYklSjWZ69z8TI-QXeL1XaHg"} ] ]}} The response payload currently reports the success or failure of the bind operation: { "BindResponse":{ "EnvelopedAccountHostAssignment":[{ "ContentMetaData":"ewogICJNZXNzYWdlVHlwZSI6ICJBY2NvdW50SG 9zdEFzc2lnbm1lbnQiLAogICJjdHkiOiAiYXBwbGljYXRpb24vbW1tL29iamVjdCI sCiAgIkNyZWF0ZWQiOiAiMjAyNC0xMC0xNFQxMzoxMDo0NVoifQ"}, "ewogICJBY2NvdW50SG9zdEFzc2lnbm1lbnQiOiB7CiAgICAiQWNjb3VudE FkZGVzcyI6ICJhbGljZUBleGFtcGxlLmNvbSIsCiAgICAiQWNjZXNzRW5jcnlwdCI 6IHsKICAgICAgIlVkZiI6ICJNREVULTI2TkItNUdSVi1KT1dELUhKNkQtNldVTi1K TFdFIiwKICAgICAgIlB1YmxpY1BhcmFtZXRlcnMiOiB7CiAgICAgICAgIlB1YmxpY 0tleUVDREgiOiB7CiAgICAgICAgICAiY3J2IjogIlg0NDgiLAogICAgICAgICAgIl B1YmxpYyI6ICJlSzVIN29wbXU3VzgwY1ZtUWdzLXVQT3FUUURTbTI2Z0hFanU0SHB FLWRBR0lEczNaMFg2CiAgMlZsaWtzZktZT3NQN0FFbkE5d2VJN1dBIn19fSwKICAg ICJFbnZlbG9wZWRQcm9maWxlU2VydmljZSI6IFt7CiAgICAgICAgIkVudmVsb3BlS WQiOiAiTUJRRC1FVFhVLUhaUlctQTI2Ty1XRFRSLUs3R0ktWDZKRCIsCiAgICAgIC AgIkNvbnRlbnRNZXRhRGF0YSI6ICJld29nSUNKVmJtbHhkV1ZKWkNJNklDSk5RbEZ FTFVWVVdGVXRTRnBTVnkxCiAgQk1qWlBMVmRFVkZJdFN6ZEhTUzFZTmtwRUlpd0tJ Q0FpVFdWemMyRm5aVlI1Y0dVaU9pQWlVSEp2Wm1sc1oKICBWTmxjblpwWTJVaUxBb 2dJQ0pqZEhraU9pQWlZWEJ3YkdsallYUnBiMjR2YlcxdEwyOWlhbVZqZENJc0NpQQ ogIGdJa055WldGMFpXUWlPaUFpTWpBeU5DMHhNQzB4TkZReE16b3hNRG8wTkZvaWZ RIiwKICAgICAgICAiZGlnIjogIlM1MTIifSwKICAgICAgImV3b2dJQ0pRY205bWFX eGxVMlZ5ZG1salpTSTZJSHNLSUNBZ0lDSlRaWEoyYVdObFFYVjBhR1YKICB1ZEdsa llYUnBiMjRpT2lCN0NpQWdJQ0FnSUNKVlpHWWlPaUFpVFVSWlNTMUpNa0pJTFVoTl RETXRTRFpaUwogIHkxSFRsbFhMVXBLV0VZdFRsWkVTQ0lzQ2lBZ0lDQWdJQ0pRZFd Kc2FXTlFZWEpoYldWMFpYSnpJam9nZXdvCiAgZ0lDQWdJQ0FnSUNKUWRXSnNhV05M WlhsRlEwUklJam9nZXdvZ0lDQWdJQ0FnSUNBZ0ltTnlkaUk2SUNKWU4KICBEUTRJa XdLSUNBZ0lDQWdJQ0FnSUNKUWRXSnNhV01pT2lBaVowZzJVVTE1V1hnMWNXWlBVbU ZPVG5aeldubAogIFNPRE5DVFRCaGJrVnFMVlp4UTI5TUxUWnJYMEpvWkVaWlVUaFJ jSEp2TlFvZ0lEaHdNR2h5VkZKTlZFeGFjCiAgbkpDWkZkd2FuUlFTMmwxUVNKOWZY MHNDaUFnSUNBaVUyVnlkbWxqWlVWdVkzSjVjSFJwYjI0aU9pQjdDaUEKICBnSUNBZ 0lDSlZaR1lpT2lBaVRVRTBUQzFWUlRWQkxVVTBWa2N0VlVkU1N5MVVWbFF5TFROTV NFY3RXVGRPVgogIGlJc0NpQWdJQ0FnSUNKUWRXSnNhV05RWVhKaGJXVjBaWEp6SWp vZ2V3b2dJQ0FnSUNBZ0lDSlFkV0pzYVdOCiAgTFpYbEZRMFJJSWpvZ2V3b2dJQ0Fn SUNBZ0lDQWdJbU55ZGlJNklDSllORFE0SWl3S0lDQWdJQ0FnSUNBZ0kKICBDSlFkV 0pzYVdNaU9pQWlTMUJ5YmpaaFVIUlNTRWRNWWtreVlVVklla2xmWkhSUVJHZGhSMD FUVTB4NGEwUgogIGZaRmR6VkVKWlZrVXhTMlpVTTJ0QlR3b2dJSEZTTWpsUU9ESkR MVTV5ZEZwaGNHNTNlRnBtUmxSblFTSjlmCiAgWDBzQ2lBZ0lDQWlVMlZ5ZG1salpW TnBaMjVoZEhWeVpTSTZJSHNLSUNBZ0lDQWdJbFZrWmlJNklDSk5ReloKICBNTFZRM VVEWXRWVnBEVVMxU1VrUTNMVlpOU2swdFJUSkxVUzFCV2toRklpd0tJQ0FnSUNBZ0 Hallam-Baker Expires 17 April 2025 [Page 14] Internet-Draft Mesh Protocol Reference October 2024 lsQjFZbXhwWQogIDFCaGNtRnRaWFJsY25NaU9pQjdDaUFnSUNBZ0lDQWdJbEIxWW1 4cFkwdGxlVVZEUkVnaU9pQjdDaUFnSUNBCiAgZ0lDQWdJQ0FpWTNKMklqb2dJa1Zr TkRRNElpd0tJQ0FnSUNBZ0lDQWdJQ0pRZFdKc2FXTWlPaUFpZVRWaE4KICAxaFlaR zltWDBGNmFUaDFaVlJrWkZOSlduZzVaa1puUkRkYVpsaENWRGt0VGpabE5YRmxRbD l3VVhSdWRYSgogIDViQW9nSUZKT2VHVXlkelZJY2tOV09YTlplakpxY2pOMU5GaHh RU0o5Zlgwc0NpQWdJQ0FpVW05dmRGVmtaCiAgbk1pT2lCYklsbENUR3RyV0ZaUllt UnhaV0U0TVZGV1NXdHdjSEF3UkU5Q2RIUktSbU52VkVrM1ZWWmxkM0oKICBsZFUxQ 1FVb3plalp1Q2lBZ1RXMW1NekZHWWpSb1Jua3RUMHBxV1Zkb09UVkZNSE53VGxWMl VHcE5hbmN6VAogIG05d1FTSmRmWDAiLAogICAgICB7CiAgICAgICAgInNpZ25hdHV yZXMiOiBbewogICAgICAgICAgICAiYWxnIjogIkVENDQ4IiwKICAgICAgICAgICAg ImtpZCI6ICJNQUpPLUpFTFYtS0JXNS1WSFRMLVpWSUYtSkNKSi1VMk9RIiwKICAgI CAgICAgICAgIlNpZ25hdHVyZUtleSI6IHsKICAgICAgICAgICAgICAiUHVibGljS2 V5RUNESCI6IHsKICAgICAgICAgICAgICAgICJjcnYiOiAiRWQ0NDgiLAogICAgICA gICAgICAgICAgIlB1YmxpYyI6ICJIcnpOanRHOXpRb3F4ektHWDFmYTVld2tCMGc2 UDdIUWZpblp1VUNZX3E0S2U3NzhCcURRCiAgUHdFOGtwU2dVN2F1bEFVSklrOFVlL WtBIn19LAogICAgICAgICAgICAic2lnbmF0dXJlIjogInUyVTNwekFSLXAzU3lQeW xuZ3VlVnF3c2VCWW5rekowY1hTc21UNWp5S3FNTktMYjYKICBFSWhBNFFfbTlXNHF hajVNZnBrRnd3STZrUUE2S2g1OXcwem1NclBQZlRnUEUzbXhDSjVxTGo0U2hrTU11 YgogIEp3U2JfTDRFZjhycUtTWjl2R0hkRXVUSW1vVTFyRm5RQUhlb3JxenNBIn1dL AogICAgICAgICJQYXlsb2FkRGlnZXN0IjogIkdwd2pUTXJJX2tJNTFFUHNFckNpaU JFZTNYSlhudGJJMlhrZDR1WC1zVzZJeAogIDgxbGpTYk1EbkFMVzBodWEwcGVDeU1 PVnZCVjJpeVpiM2NSblFoNm1BIn1dfX0" ], "Status":201, "StatusDescription":"Operation completed successfully"}} It is likely that a future revisions of the specification will specify the host(s) to which future account service operations are to be directed. This would allow the account management operations to be separated from the account maintenance operations without requiring the traditional tiered architecture in which every interaction with a service is first routed to a host that cannot perform the required action so that it can be directed to the host that can. 6.2.1.1. Bind Group Account Mesh Group Accounts are created in the same manner as user accounts except that the ProfileGroup is specified. 6.2.1.2. Account Recovery Should all the administration devices be lost, an account MAY be recovered by the process of recovering the profile master secret and using it to access the account through the account authentication key. Hallam-Baker Expires 17 April 2025 [Page 15] Internet-Draft Mesh Protocol Reference October 2024 6.2.2. Unbind Account An account registration is deleted using the UnbindAccount transaction. >>>> Unfinished ProtocolAccountDelete The request payload: { "UnbindRequest":{ "Account":"alice@example.com"}} The response payload: { "UnbindResponse":{ "Status":201, "StatusDescription":"Operation completed successfully"}} 6.2.2.1. Account Transfer Should a user wish to transfer their account to a new service provider, they first use the Bind Account operation to bind the account to the new service provider, then populate the account entry at the new account using the account authentication key. Only after the new account binding has been completed and is ready for use, is the unbind operation used to delete the account entry at the old service provider. Future versions of the protocol will elaborate on this mechanism so that the change of address can be signaled to connected devices and parties sending messages to the account. 6.2.3. Account Recovery and Transfer. Account recovery is necessary in the case that user has lost control of every administration device connected to the account and must re- create the account profile and bind a new set of administrative devices. Account transfer is the process of unbinding an account from one service and rebinding it to a new one. These capabilities are both critical to the long term success of the Mesh but have been deleted from the current revision of the specification as their implementation is interdependent on the architecture of the callsign registry. Hallam-Baker Expires 17 April 2025 [Page 16] Internet-Draft Mesh Protocol Reference October 2024 >>>> Unfinished ProtocolAccountRecover [TBS] 6.3. Persistence Store Management All the state associated with a Mesh profile is stored as a sequence of DARE Messages in a Dare Container. The Mesh Service holding the master copy of the persistence stores and the devices connected to the profile containing complete copies (replicas) or partial copies (redactions). Thus, the only primitive needed to achieve synchronization of the profile state are those required for synchronization of a DARE Container. These steps are: * Obtain the status of the catalogs and spools associated with the account. * Download catalog and spool updates * Upload catalog updates. To ensure a satisfactory user experience, Mesh Messages are intentionally limited in size to 32 KB or less, thus ensuring that an application can retrieve the most recent 100 messages almost instantaneously on a high bandwidth connection and without undue delay on a slower one. 6.3.1. Status The status transaction returns the status of the containers the device is authorized to access for the specified account together with the updated Device Connection Entry if this has been modified since the entry presented to authenticate the request was issued. Alice adds an entry to her bookmark catalog. Before the bookmark can be added, the device synchronizes to the service. The synchronization process begins with a request for the status of all the stores associated with the account that it has access rights for: Hallam-Baker Expires 17 April 2025 [Page 17] Internet-Draft Mesh Protocol Reference October 2024 { "DownloadRequest":{ "MaxResults":-1, "DeviceUDF":"MBQO-4TTM-QOTS-MKEG-XQTU-XNFM-WUWM", "CatalogedDeviceDigest":"MC2F-2ZAT-4BRE-QDDE-HBQQ-3H7O-PB", "Select":[{ "Store":"Credential", "IndexMin":3}, { "Store":"Contact", "IndexMin":3}, { "Store":"Task", "IndexMin":1}, { "Store":"Bookmark", "IndexMin":1}, { "Store":"Network", "IndexMin":1}, { "Store":"Application", "IndexMin":1}, { "Store":"Device", "IndexMin":3}, { "Store":"Access", "IndexMin":3}, { "Store":"Document", "IndexMin":1}, { "Store":"Publication", "IndexMin":1}, { "Store":"Inbound", "IndexMin":3}, { "Store":"Outbound", "IndexMin":1}, { "Store":"Local", "IndexMin":2} ]}} If the account has a very large number of stores, the device might only ask for the status of specific stores of interest. Hallam-Baker Expires 17 April 2025 [Page 18] Internet-Draft Mesh Protocol Reference October 2024 The response specifies the status of each store specifying the index and Merkle tree apex digest values for each: { "DownloadResponse":{ "Updates":[{ "Envelopes":[[{ "enc":"A256CBC", "Salt":"fYUwUF5YTfAeOgSewpXy_A", "recipients":[{ "kid":"MDFG-UKLG-VUPZ-XAY3-BDMH-FI35-RW3Y", "epk":{ "PublicKeyECDH":{ "crv":"X448", "Public":"iwbMN5lNb1LLgLYYTt-1xchZIOKm_Xt8x 229dTEuZaDGfo0V1VLU19rYyWqPAif3wzWkzyFR7UmA"}}, "wmk":"0skSKfeeG4EaXByENg1R4wuXgNrWJ8nFkjpND1Wf sGntFaADEp-knw"} ], "ContentMetaData":"ewogICJVbmlxdWVJZCI6ICI6ZnRwLmV4 YW1wbGUuY29tIiwKICAiRXZlbnQiOiAiVXBkYXRlIn0", "SequenceInfo":{ "Index":3, "TreePosition":1137}, "Received":"2024-10-14T13:10:46Z", "PayloadDigest":"M5x4gqPlFJCU1hAeHkcwuahGWSKDj7sIkn _nkD6QtVAmWj5sjPJqsHAbaS7wIa868nZesxO9xHg3H2qs3aAZPQ", "ApexDigest":"NcSyijJ8HTa7RoYotCszOoMrNtSjGMx7DhkNd nrIvkJzyUwVU-UmbZBHhhfJ_sb7bZ34aSVbSjh8smDsEoPLSA", "dig":"S512"}, "Yu50_fuQ4RhYOlOjCENjKFmKjcWcnb08of_ZaW5Kg1KovLyN5bsa x3TH9EKsQ50AuJ_bp6xXlhYY0arhBudTm4G7oPc8TYRdCMw4-bs4iGGu8zFoXCAex 6eC9_LJbyTw20DmFIzCt6Jdpos2oQZ6GyT-x8PCxImuOzToiP6x2O4", {} ] ], "Store":"Credential"}, { "Envelopes":[ ], "Store":"Contact"}, { "Envelopes":[ ], "Store":"Task"}, { "Envelopes":[ ], Hallam-Baker Expires 17 April 2025 [Page 19] Internet-Draft Mesh Protocol Reference October 2024 "Store":"Bookmark"}, { "Envelopes":[ ], "Store":"Network"}, { "Envelopes":[ ], "Store":"Application"}, { "Envelopes":[ ], "Store":"Device"}, { "Envelopes":[ ], "Store":"Access"}, { "Envelopes":[ ], "Store":"Document"}, { "Envelopes":[ ], "Store":"Publication"}, { "Envelopes":[ ], "Store":"Inbound"}, { "Envelopes":[ ], "Store":"Outbound"}, { "Envelopes":[ ], "Store":"Local"} ], "Status":201, "StatusDescription":"Operation completed successfully"}} Bug: The current version of the reference code is only returning the digest values for the outbound store. 6.3.2. Download The download transaction returns a collection of entries from one or more containers associated with the profile. Hallam-Baker Expires 17 April 2025 [Page 20] Internet-Draft Mesh Protocol Reference October 2024 The service MAY limit the number of entries returned in an individual response for performance reasons. The previous status operation has reported that a new envelope has been added to the credential store. The device requests this data from the service: The response contains the requested envelope: Future: The current implementation of the download operation is limited by the capabilities of the HTTP binding of the RUD transport. A future binding allowing operations that consist of a single request followed by a sequence of responses will allow much greater flexibility. Future versions of the protocol may support optional filtering criteria so that the service only returns objects matching specific criteria and/or only return certain parts of the selected messages. 6.3.3. Transact The transact transaction appends envelopes to one or more stores. The operation is atomic, that is either all the changes specified will be made to the stores or none will. This ensures that simultaneous attempts to update a store do not result in race conditions allows Mesh stores to provide ACID (Atomicity, Consistency, Isolation, Durability) properties to the applications they serve. Clients SHOULD check to determine if updates to a container conflict with pending updates on the device waiting to be uploaded. For example, if a contact that the user modified on the device attempting to synchronize was subsequently deleted. The means of resolving such conflicts is not in the scope of this specification. Each update to a catalog or container specifies the expected container index and apex digest. This provides a strong guarantee of consistency. The service MUST verify each update to check that the Merkle Tree values specified are consistent with the store entries and that the signature on the apex value (if specified) is valid and correct. Services MAY impose limits on the size and number of additions performed in response to a TransactRequest message to ensure that processing time does not degrade performance for other users. The request payload specifies the data to be appended to the stores. Hallam-Baker Expires 17 April 2025 [Page 21] Internet-Draft Mesh Protocol Reference October 2024 { "TransactRequest":{ "Updates":[{ "Envelopes":[[{ "enc":"A256CBC", "kid":"EBQH-FCIB-JKQT-746V-FE2I-IEEI-GMEC", "Salt":"WsdkI2icQX-czV4twcrQSQ", "recipients":[{ "kid":"MDZV-J4CB-QLA5-K6GU-GGP2-OAXS-3FB6", "epk":{ "PublicKeyECDH":{ "crv":"X448", "Public":"nNKy3ud25ZOHhOpIoCREUMru72r9RPny4 8Tg_yw7JELHYek0nEgUiVgYJiVUweGMmPL0HC-KdY4A"}}, "wmk":"LLtDyCCrKdEbVEzohPLP2Q_ZxMLz9qv2dXLBiaB2 XVkFHt-Jxa9rgw"} ], "ContentMetaData":"ewogICJVbmlxdWVJZCI6ICJOQUNMLTVM WFktS1hGNC00MzJCLVhDWkEtV1RGNC1RUDVRIiwKICAiRXZlbnQiOiAiTmV3In0", "SequenceInfo":{ "Index":1, "TreePosition":0}, "PayloadDigest":"jus6Cpy4Fk_4HN2oW7xhkBSv6Ah-cAImeN rmBbcQy4heAkyzHiOouwUNiy1ek-eh68q2zgEwaqWAxVUutj9sMQ", "ApexDigest":"rY8d41_tcAvacoZ7x5NI2GmM9R33bPgWN_uTc VuKD6cuj6aTFqwdY2nCSRiyE6Pw_lpUIdiDEWz6XmdQh33Z3A", "dig":"S512"}, "lzE4p_C7tj1-0YCg1J__UUvK-WqDtWDCOvsm4MN0y95R8-XpbgEi 888BlNOnp6d1pvNNKHtxtNzO9_yOMKTAur3B6a1nag1-x35DddfV-8Ho9DjSAoMGh NWZ6I336ggTSHMOWLJXbqxBYCUrnBHMZn7ZWADU0IoqzE4VXsODflmYQihY2sPQMO iiHM07WD_r" ] ], "Store":"Bookmark"} ]}} The response reports successful completion: { "TransactResponse":{ "Bitmask":"AAEAAA", "Status":201, "StatusDescription":"Operation completed successfully"}} Hallam-Baker Expires 17 April 2025 [Page 22] Internet-Draft Mesh Protocol Reference October 2024 6.4. Device Connection In order to support the wide range of affordances supported by devices, four device connection interactions are currently specified. The use of these mechanisms is described in [draft-hallambaker-mesh-architecture] and the interactions themselves are described in section ??? following. Device connection operations are always issued by a device requesting connection to a Mesh account and must therefore be authenticated under the device profile rather than the account profile. Two device connection operations are currently defined: Connect Requests connection to the account. Complete Polls for completion of a connection request. Since the second operation is merely polling for completion of the transaction requested by the first, it is likely that these will be combined in a future revision of the specification. 6.4.1. Connect If the connection request is initiated by the device being connected, the device constructs a RequestConnection message which is posted to the Mesh Service using the Connect operation. If the Connect operation is accepted (i.e. the service determines it is not abuse), the service constructs an AcknowledgeConnection message which is forwarded to the inbound spool of the account to which connection is requested. The requesting device receives a copy of the AcknowledgeConnection message and the profile of the account it is requesting connection to. As described in the following section, the AcknowledgeConnection message contains the request details presented by the device and a nonce value generated by the service. This nonce value is used to compute the witness value that will be used for mutual authentication of the device and account. The connect request is made to the service, not the account. The payload contains the enveloped connection request: Hallam-Baker Expires 17 April 2025 [Page 23] Internet-Draft Mesh Protocol Reference October 2024 { "ConnectRequest":{ "EnvelopedRequestConnection":[{ "EnvelopeId":"MBRN-LSG3-IBIK-2RUK-U4TO-HOZK-7ZJP", "ContentMetaData":"ewogICJVbmlxdWVJZCI6ICJOQkFNLUlCRzctNE lNMi1VTks2LU5RT1EtSEZTUi00TEJEIiwKICAiTWVzc2FnZVR5cGUiOiAiUmVxdWV zdENvbm5lY3Rpb24iLAogICJjdHkiOiAiYXBwbGljYXRpb24vbW1tL29iamVjdCIs CiAgIkNyZWF0ZWQiOiAiMjAyNC0xMC0xNFQxMzoxMDo1NloifQ"}, "ewogICJSZXF1ZXN0Q29ubmVjdGlvbiI6IHsKICAgICJBY2NvdW50QWRkcm VzcyI6ICJhbGljZUBleGFtcGxlLmNvbSIsCiAgICAiQXV0aGVudGljYXRlZERhdGE iOiBbewogICAgICAgICJFbnZlbG9wZUlkIjogIk1CUUQtQ09ERS1YTVdKLVFIRTMt MktIWi1VS0tGLVRWVkYiLAogICAgICAgICJDb250ZW50TWV0YURhdGEiOiAiZXdvZ 0lDSlZibWx4ZFdWSlpDSTZJQ0pOUWxGRUxVTlBSRVV0V0UxWFNpMQogIFJTRVV6TF RKTFNGb3RWVXRMUmkxVVZsWkdJaXdLSUNBaVRXVnpjMkZuWlZSNWNHVWlPaUFpVUh KdlptbHNaCiAgVVJsZG1salpTSXNDaUFnSW1OMGVTSTZJQ0poY0hCc2FXTmhkR2x2 Ymk5dGJXMHZiMkpxWldOMElpd0tJQ0EKICBpUTNKbFlYUmxaQ0k2SUNJeU1ESTBMV EV3TFRFMFZERXpPakV3T2pVMldpSjkiLAogICAgICAgICJkaWciOiAiUzUxMiJ9LA ogICAgICAiZXdvZ0lDSlFjbTltYVd4bFJHVjJhV05sSWpvZ2V3b2dJQ0FnSWtWdVk zSjVjSFJwYjI0aU9pQgogIDdDaUFnSUNBZ0lDSlZaR1lpT2lBaVRVTkVXaTFGUVRN M0xWQlFURUV0VmpWQ1VpMHpObFJRTFU1TFJFSXROCiAgRFJYVlNJc0NpQWdJQ0FnS UNKUWRXSnNhV05RWVhKaGJXVjBaWEp6SWpvZ2V3b2dJQ0FnSUNBZ0lDSlFkV0oKIC BzYVdOTFpYbEZRMFJJSWpvZ2V3b2dJQ0FnSUNBZ0lDQWdJbU55ZGlJNklDSllORFE 0SWl3S0lDQWdJQ0FnSQogIENBZ0lDSlFkV0pzYVdNaU9pQWljbTVSUm5GWlpUSXRZ alUxUWtveU5IZG5SRFl0ZVdkWmQyUlVWblp1YkhsCiAgalNIUlRTVFJ0TldRNWRHM WpMVmxKTjJKYVRnb2dJRWRPTTFod2RGZG9XVGhXWm1WUFMzUnlVMjE2Vld0SFEKIC BTSjlmWDBzQ2lBZ0lDQWlVMmxuYm1GMGRYSmxJam9nZXdvZ0lDQWdJQ0FpVldSbUl qb2dJazFEUTBndFZWQgogIEpUQzFYUzBsR0xVRk5OVlV0U0ZSTVJpMHpNMVJNTFZa SU4xUWlMQW9nSUNBZ0lDQWlVSFZpYkdsalVHRnlZCiAgVzFsZEdWeWN5STZJSHNLS UNBZ0lDQWdJQ0FpVUhWaWJHbGpTMlY1UlVORVNDSTZJSHNLSUNBZ0lDQWdJQ0EKIC BnSUNKamNuWWlPaUFpUldRME5EZ2lMQW9nSUNBZ0lDQWdJQ0FnSWxCMVlteHBZeUk 2SUNKblRYbDFPSFZuWQogIG10T01rZFFaRzEwT0VvMldrUXhZM000VW5oT2NEWmxS MWRpV0dwVmFuUjVTMUl5UWtkSVlrOXRkbU5XQ2lBCiAgZ2RYbzVjMDlJV2tGTmVWV kRVVkJ0WVRCd1FVcG5SR2RCSW4xOWZTd0tJQ0FnSUNKQmRYUm9aVzUwYVdOaGQKIC BHbHZiaUk2SUhzS0lDQWdJQ0FnSWxWa1ppSTZJQ0pOUVZCSUxUWXpObEV0TjBaTFZ TMUdNMGhLTFV4UVEwTQogIHRXa3RWUnkxWlZ6WTBJaXdLSUNBZ0lDQWdJbEIxWW14 cFkxQmhjbUZ0WlhSbGNuTWlPaUI3Q2lBZ0lDQWdJCiAgQ0FnSWxCMVlteHBZMHRsZ VVWRFJFZ2lPaUI3Q2lBZ0lDQWdJQ0FnSUNBaVkzSjJJam9nSWxnME5EZ2lMQW8KIC BnSUNBZ0lDQWdJQ0FnSWxCMVlteHBZeUk2SUNJdGJEZHBPV3gyTTNacmVWWkdORzV TVHpaRlNFdFhSVXMwTAogIFUxbk5HUnNSV3BxTTFaaFZHeHFjVGR3YUZsclNuaHFW bkV5Q2lBZ1UyOHpTVWx6WTFaU01rUkNPRkEzZWxkCiAgTk1sQjNibGRCSW4xOWZTd 0tJQ0FnSUNKU2IyOTBWV1JtY3lJNklGc2lXVXRQVkZveVRVRktZazkwVEVWU2EKIC BXZFJMVXB4VjFOVmVVRnlNMTlXZUd4MVdtMXFZVnBOYUhSc1dGRmlkbEp0VmpJS0l DQnhlVlpLVTFCWFJ5MQogIE9USEJ0YjNNeFFreFBNMWN3TmpRMFJsQjZZM2swVFdj d04zcEpJbDE5ZlEiLAogICAgICB7CiAgICAgICAgInNpZ25hdHVyZXMiOiBbewogI CAgICAgICAgICAiYWxnIjogIkVENDQ4IiwKICAgICAgICAgICAgImtpZCI6ICJNQ1 JaLUdaM0QtQUFTMy1ITEpNLUlSUkktQ0Q0Si1WRlNKIiwKICAgICAgICAgICAgIlN pZ25hdHVyZUtleSI6IHsKICAgICAgICAgICAgICAiUHVibGljS2V5RUNESCI6IHsK ICAgICAgICAgICAgICAgICJjcnYiOiAiRWQ0NDgiLAogICAgICAgICAgICAgICAgI Hallam-Baker Expires 17 April 2025 [Page 24] Internet-Draft Mesh Protocol Reference October 2024 lB1YmxpYyI6ICJEMDlsTlpYVWNCcS1uN2V1QmduZEVfbkozeFk1bDBGRVFIZmdwZD NCNGFtVjNmWWhsYk42CiAgQWRoVGRrRElGTGVETnZJaUJpb3ptVVVBIn19LAogICA gICAgICAgICAic2lnbmF0dXJlIjogIkQ1RHhCZEhmRS1XaTYtTFlXSVB6SVJPMlFk clE1VlBXb0h1RlRBblA5em9qQ0tfXzYKICBkTjZpWUtpc0NUMWRSRFhJR3dpQ2UtV HJVdUExNExycTBibWpvTko1MEY1Z2hFTnFPbFR6ZkR6WFY4QmpXegogIFBRTDBhZ1 9WV3BOM0phaVUwSFJnVFZ2a3VnUlhwQUVFLUJaZFBHQzhBIn1dLAogICAgICAgICJ QYXlsb2FkRGlnZXN0IjogIlhSWmZNUjA5MENuN2xEQ21HWTJnT01TX2NHaUUyYzhk NkpMaF8zM1RKMHh4ZgogIFdXdlFFa3l1cDdyZ1FNcFdaTnFJRkVXQlFaRTJPZ040S 2IwZ2JRSGJ3In1dLAogICAgIkNsaWVudE5vbmNlIjogIlB5X003eGxvNXJMQjhhdE VwQ0NRaUEiLAogICAgIlBpbklkIjogIkFBS1UtTUpLVy1HUkRTLVMzWkktRE9OSC1 ENlVTLTRSRVciLAogICAgIlBpbldpdG5lc3MiOiAiY3FlZDMzclJvQzRmSG5WVGp6 cmVvYV94NUJMS3BMbWhZNWpJZnhCZUNPRGdicUpjCiAgbGh5Q1dtb1ozMG9OS2NHd TR0RXZQN3d2c2xVOGg0aU1vYlNSTmciLAogICAgIk1lc3NhZ2VJZCI6ICJOQkFNLU lCRzctNElNMi1VTks2LU5RT1EtSEZTUi00TEJEIn19" ], "Rights":[ ]}} The response payload contains the information the device requires to compute the witness value and to poll for completion. This is a copy of the request acknowledgement and a copy of the profile of the account the device has requested connection to: { "ConnectResponse":{ "EnvelopedAcknowledgeConnection":[{ "EnvelopeId":"MDU6-DXWG-L3TO-TDYK-VNXN-7ZIR-IOSW", "ContentMetaData":"ewogICJVbmlxdWVJZCI6ICJBNkozLUVWVTUtUU dCTS1XSTRaLUhZVUMtT05IUC1PM1ZDIiwKICAiTWVzc2FnZVR5cGUiOiAiQWNrbm9 3bGVkZ2VDb25uZWN0aW9uIiwKICAiY3R5IjogImFwcGxpY2F0aW9uL21tbS9vYmpl Y3QiLAogICJDcmVhdGVkIjogIjIwMjQtMTAtMTRUMTM6MTA6NTZaIn0"}, "ewogICJBY2tub3dsZWRnZUNvbm5lY3Rpb24iOiB7CiAgICAiRW52ZWxvcG VkUmVxdWVzdENvbm5lY3Rpb24iOiBbewogICAgICAgICJFbnZlbG9wZUlkIjogIk1 CUk4tTFNHMy1JQklLLTJSVUstVTRUTy1IT1pLLTdaSlAiLAogICAgICAgICJDb250 ZW50TWV0YURhdGEiOiAiZXdvZ0lDSlZibWx4ZFdWSlpDSTZJQ0pPUWtGTkxVbENSe mN0TkVsTk1pMQogIFZUa3MyTFU1UlQxRXRTRVpUVWkwMFRFSkVJaXdLSUNBaVRXVn pjMkZuWlZSNWNHVWlPaUFpVW1WeGRXVnpkCiAgRU52Ym01bFkzUnBiMjRpTEFvZ0l DSmpkSGtpT2lBaVlYQndiR2xqWVhScGIyNHZiVzF0TDI5aWFtVmpkQ0kKICBzQ2lB Z0lrTnlaV0YwWldRaU9pQWlNakF5TkMweE1DMHhORlF4TXpveE1EbzFObG9pZlEif SwKICAgICAgImV3b2dJQ0pTWlhGMVpYTjBRMjl1Ym1WamRHbHZiaUk2SUhzS0lDQW dJQ0oKICBCWTJOdmRXNTBRV1JrY21WemN5STZJQ0poYkdsalpVQmxlR0Z0Y0d4bEx tTnZiU0lzQ2lBZ0lDQWlRWFYwYQogIEdWdWRHbGpZWFJsWkVSaGRHRWlPaUJiZXdv Z0lDQWdJQ0FnSUNKRmJuWmxiRzl3WlVsa0lqb2dJazFDVVVRCiAgdFEwOUVSUzFZV FZkS0xWRklSVE10TWt0SVdpMVZTMHRHTFZSV1ZrWWlMQW9nSUNBZ0lDQWdJQ0pEYj I1MFoKICBXNTBUV1YwWVVSaGRHRWlPaUFpWlhkdlowbERTbFppYld4NFpGZFdTbHB EU1RaSlEwcE9VV3hHUlV4VlRsQgogIFNSVlYwVjBVeFdGTnBNUW9nSUZKVFJWVjZU RlJLVEZOR2IzUldWWFJNVW1reFZWWnNXa2RKYVhkTFNVTkJhCiAgVlJYVm5wak1rW nVXbFpTTldOSFZXbFBhVUZwVlVoS2RscHRiSE5hQ2lBZ1ZWSnNaRzFzYWxwVFNYTk Hallam-Baker Expires 17 April 2025 [Page 25] Internet-Draft Mesh Protocol Reference October 2024 RhVUYKICBuU1cxT01HVlRTVFpKUTBwb1kwaENjMkZYVG1oa1IyeDJZbWs1ZEdKWE1 IWmlNa3B4V2xkT01FbHBkMHRKUQogIDBFS0lDQnBVVE5LYkZsWVVteGFRMGsyU1VO SmVVMUVTVEJNVkVWM1RGUkZNRlpFUlhwUGFrVjNUMnBWTWxkCiAgcFNqa2lMQW9nS UNBZ0lDQWdJQ0prYVdjaU9pQWlVelV4TWlKOUxBb2dJQ0FnSUNBaVpYZHZaMGxEU2 xGamIKICBUbHRZVmQ0YkZKSFZqSmhWMDVzU1dwdloyVjNiMmRKUTBGblNXdFdkVmt 6U2pWalNGSndZakkwYVU5cFFnbwogIGdJRGREYVVGblNVTkJaMGxEU2xaYVIxbHBU MmxCYVZSVlRrVlhhVEZHVVZSTk0weFdRbEZVUlVWMFZtcFdRCiAgMVZwTUhwT2JGS lJURlUxVEZKRlNYUk9DaUFnUkZKWVZsTkpjME5wUVdkSlEwRm5TVU5LVVdSWFNuTm hWMDUKICBSV1ZoS2FHSlhWakJhV0VwNlNXcHZaMlYzYjJkSlEwRm5TVU5CWjBsRFN sRmtWMG9LSUNCellWZE9URnBZYgogIEVaUk1GSkpTV3B2WjJWM2IyZEpRMEZuU1VO QlowbERRV2RKYlU1NVpHbEpOa2xEU2xsT1JGRTBTV2wzUzBsCiAgRFFXZEpRMEZuU 1FvZ0lFTkJaMGxEU2xGa1YwcHpZVmROYVU5cFFXbGpiVFZTVW01R1dscFVTWFJaYW xVeFUKICBXdHZlVTVJWkc1U1JGbDBaVmRrV21ReVVsVldibHAxWWtoc0NpQWdhbE5 JVWxSVFZGSjBUbGRSTldSSE1XcAogIE1WbXhLVGpKS1lWUm5iMmRKUldSUFRURm9k MlJHWkc5WFZHaFhXbTFXVUZNelVubFZNakUyVmxkMFNGRUtJCiAgQ0JUU2psbVdEQ npRMmxCWjBsRFFXbFZNbXh1WW0xR01HUllTbXhKYW05blpYZHZaMGxEUVdkSlEwRn BWbGQKICBTYlVscWIyZEphekZFVVRCbmRGWldRZ29nSUVwVVF6RllVekJzUjB4VlJ rNU9WbFYwVTBaU1RWSnBNSHBOTQogIFZKTlRGWmFTVTR4VVdsTVFXOW5TVU5CWjBs RFFXbFZTRlpwWWtkc2FsVkhSbmxaQ2lBZ1Z6RnNaRWRXZVdOCiAgNVNUWkpTSE5MU 1VOQlowbERRV2RKUTBGcFZVaFdhV0pIYkdwVE1sWTFVbFZPUlZORFNUWkpTSE5MU1 VOQloKICAwbERRV2RKUTBFS0lDQm5TVU5LYW1OdVdXbFBhVUZwVWxkUk1FNUVaMmx NUVc5blNVTkJaMGxEUVdkSlEwRgogIG5TV3hDTVZsdGVIQlplVWsyU1VOS2JsUlli REZQU0ZadVdRb2dJRzEwVDAxclpGRmFSekV3VDBWdk1sZHJVCiAgWGhaTTAwMFZXN W9UMk5FV214U01XUnBWMGR3Vm1GdVVqVlRNVWw1VVd0a1NWbHJPWFJrYlU1WFEybE JDaUEKICBnWjJSWWJ6VmpNRGxKVjJ0R1RtVldWa1JWVmtKMFdWUkNkMUZWY0c1U1I yUkNTVzR4T1daVGQwdEpRMEZuUwogIFVOS1FtUllVbTlhVnpVd1lWZE9hR1FLSUNC SGJIWmlhVWsyU1VoelMwbERRV2RKUTBGblNXeFdhMXBwU1RaCiAgSlEwcE9VVlpDU 1V4VVdYcE9iRVYwVGpCYVRGWlRNVWROTUdoTFRGVjRVVkV3VFFvZ0lIUlhhM1JXVW 5reFcKICBsWjZXVEJKYVhkTFNVTkJaMGxEUVdkSmJFSXhXVzE0Y0ZreFFtaGpiVVo wV2xoU2JHTnVUV2xQYVVJM1EybAogIEJaMGxEUVdkSkNpQWdRMEZuU1d4Q01WbHRl SEJaTUhSc1pWVldSRkpGWjJsUGFVSTNRMmxCWjBsRFFXZEpRCiAgMEZuU1VOQmFWa 3pTakpKYW05blNXeG5NRTVFWjJsTVFXOEtJQ0JuU1VOQlowbERRV2RKUTBGblNXeE NNVmwKICB0ZUhCWmVVazJTVU5KZEdKRVpIQlBWM2d5VFROYWNtVldXa2RPUnpWVFZ IcGFSbE5GZEZoU1ZYTXdUQW9nSQogIEZVeGJrNUhVbk5TVjNCeFRURmFhRlpIZUhG alZHUjNZVVpzY2xOdWFIRldia1Y1UTJsQloxVXlPSHBUVld4CiAgNldURmFVMDFyV WtOUFJrRXpaV3hrQ2lBZ1RrMXNRak5pYkdSQ1NXNHhPV1pUZDB0SlEwRm5TVU5LVT JJeU8KICBUQldWMUp0WTNsSk5rbEdjMmxYVlhSUVZrWnZlVlJWUmt0WmF6a3dWRVZ XVTJFS0lDQlhaRkpNVlhCNFZqRgogIE9WbVZWUm5sTk1UbFhaVWQ0TVZkdE1YRlpW bkJPWVVoU2MxZEdSbWxrYkVwMFZtcEpTMGxEUW5obFZscExWCiAgVEZDV0ZKNU1Rb 2dJRTlVU0VKMFlqTk5lRkZyZUZCTk1XTjNUbXBSTUZKc1FqWlpNMnN3VkZkamQwNH pjRXAKICBKYkRFNVpsRWlMQW9nSUNBZ0lDQjdDaUFnSUNBZ0lDQWdJbk5wWjI1aGR IVnlaWE1pT2lCYmV3b2dJQ0FnSQogIENBZ0lDQWdJQ0FpWVd4bklqb2dJa1ZFTkRR NElpd0tJQ0FnSUNBZ0lDQWdJQ0FnSW10cFpDSTZJQ0pOUTFKCiAgYUxVZGFNMFF0U VVGVE15MUlURXBOTFVsU1Vra3RRMFEwU2kxV1JsTktJaXdLSUNBZ0lDQWdJQ0FnSU NBZ0kKICBsTnBaMjVoZEhWeVpVdGxlU0k2SUhzS0lDQWdJQ0FnSUNBZ0lDQWdJQ0F pVUhWaWJHbGpTMlY1UlVORVNDSQogIDZJSHNLSUNBZ0lDQWdJQ0FnSUNBZ0lDQWdJ Q0pqY25ZaU9pQWlSV1EwTkRnaUxBb2dJQ0FnSUNBZ0lDQWdJCiAgQ0FnSUNBZ0lsQ jFZbXhwWXlJNklDSkVNRGxzVGxwWVZXTkNjUzF1TjJWMVFtZHVaRVZmYmtvemVGaz Hallam-Baker Expires 17 April 2025 [Page 26] Internet-Draft Mesh Protocol Reference October 2024 FiREIKICBHUlZGSVptZHdaRE5DTkdGdFZqTm1XV2hzWWs0MkNpQWdRV1JvVkdSclJ FbEdUR1ZFVG5aSmFVSnBiM3B0VgogIFZWQkluMTlMQW9nSUNBZ0lDQWdJQ0FnSUNB aWMybG5ibUYwZFhKbElqb2dJa1ExUkhoQ1pFaG1SUzFYYVRZCiAgdFRGbFhTVkI2U 1ZKUE1sRmtjbEUxVmxCWGIwaDFSbFJCYmxBNWVtOXFRMHRmWHpZS0lDQmtUalpwV1 V0cGMKICAwTlVNV1JTUkZoSlIzZHBRMlV0VkhKVmRVRXhORXh5Y1RCaWJXcHZUa28 xTUVZMVoyaEZUbkZQYkZSNlprUgogIDZXRlk0UW1wWGVnb2dJRkJSVERCaFoxOVdW M0JPTTBwaGFWVXdTRkpuVkZaMmEzVm5VbGh3UVVWRkxVSmFaCiAgRkJIUXpoQkluM WRMQW9nSUNBZ0lDQWdJQ0pRWVhsc2IyRmtSR2xuWlhOMElqb2dJbGhTV21aTlVqQT VNRU4KICB1TjJ4RVEyMUhXVEpuVDAxVFgyTkhhVVV5WXpoa05rcE1hRjh6TTFSS01 IaDRaZ29nSUZkWGRsRkZhM2wxYwogIERkeVoxRk5jRmRhVG5GSlJrVlhRbEZhUlRK UFowNDBTMkl3WjJKUlNHSjNJbjFkTEFvZ0lDQWdJa05zYVdWCiAgdWRFNXZibU5sS WpvZ0lsQjVYMDAzZUd4dk5YSk1RamhoZEVWd1EwTlJhVUVpTEFvZ0lDQWdJbEJwYm tsa0kKICBqb2dJa0ZCUzFVdFRVcExWeTFIVWtSVExWTXpXa2t0UkU5T1NDMUVObFZ UTFRSU1JWY2lMQW9nSUNBZ0lsQgogIHBibGRwZEc1bGMzTWlPaUFpWTNGbFpETXpj bEp2UXpSbVNHNVdWR3A2Y21WdllWOTROVUpNUzNCTWJXaFpOCiAgV3BKWm5oQ1pVT lBSR2RpY1VwakNpQWdiR2g1UTFkdGIxb3pNRzlPUzJOSGRUUjBSWFpRTjNkMmMyeF ZPR2cKICAwYVUxdllsTlNUbWNpTEFvZ0lDQWdJazFsYzNOaFoyVkpaQ0k2SUNKT1F rRk5MVWxDUnpjdE5FbE5NaTFWVAogIGtzMkxVNVJUMUV0U0VaVFVpMDBURUpFSW4x OSJdLAogICAgIlNlcnZlck5vbmNlIjogIncwelNUNTJvSWtmMjlLemZIR1E3OGciL AogICAgIldpdG5lc3MiOiAiQTZKMy1FVlU1LVFHQk0tV0k0Wi1IWVVDLU9OSFAtTz NWQyIsCiAgICAiTWVzc2FnZUlkIjogIkE2SjMtRVZVNS1RR0JNLVdJNFotSFlVQy1 PTkhQLU8zVkMifX0" ], "EnvelopedProfileAccount":[{ "EnvelopeId":"MBQC-7OHA-RNBA-FRDL-R4GI-YQHA-DL36", "ContentMetaData":"ewogICJVbmlxdWVJZCI6ICJNQlFDLTdPSEEtUk 5CQS1GUkRMLVI0R0ktWVFIQS1ETDM2IiwKICAiTWVzc2FnZVR5cGUiOiAiUHJvZml sZVVzZXIiLAogICJjdHkiOiAiYXBwbGljYXRpb24vbW1tL29iamVjdCIsCiAgIkNy ZWF0ZWQiOiAiMjAyNC0xMC0xNFQxMzoxMDo0NVoifQ", "dig":"S512"}, "ewogICJQcm9maWxlVXNlciI6IHsKICAgICJDb21tb25TaWduYXR1cmUiOi B7CiAgICAgICJVZGYiOiAiTUROVC1XVDNHLTM0NkctNEk1VC1ZVjdGLUxUUVgtUFN OVCIsCiAgICAgICJQdWJsaWNQYXJhbWV0ZXJzIjogewogICAgICAgICJQdWJsaWNL ZXlFQ0RIIjogewogICAgICAgICAgImNydiI6ICJFZDQ0OCIsCiAgICAgICAgICAiU HVibGljIjogIklNeU1vN2ZFeTJ2SHA4c3lRMFZVNFhpdnBKRWhnUVFTWDNqOG12YT RIQ19UMDVVbmhRWXEKICBWWnl1dklRRVZvMmR5TUNSbTYwUTNFMEEifX19LAogICA gIkFjY291bnRBZGRyZXNzIjogImFsaWNlQGV4YW1wbGUuY29tIiwKICAgICJTZXJ2 aWNlVWRmIjogIk1CUUQtRVRYVS1IWlJXLUEyNk8tV0RUUi1LN0dJLVg2SkQiLAogI CAgIkVzY3Jvd0VuY3J5cHRpb24iOiB7CiAgICAgICJVZGYiOiAiTUNLRC0zTVI2LV AyVEUtTTZVNC00TElPLVpUUkctRFpWUyIsCiAgICAgICJQdWJsaWNQYXJhbWV0ZXJ zIjogewogICAgICAgICJQdWJsaWNLZXlFQ0RIIjogewogICAgICAgICAgImNydiI6 ICJYNDQ4IiwKICAgICAgICAgICJQdWJsaWMiOiAiMXZOVUFBcDNyc3pJcGhHOEVzZ m9hTzVZNnNaQ24wSGM4ekNnZFFpdllwSkFjRHRta1NzQwogIGVJMmdtRFRDSzZTcl MxVWdQdHVZbVR3QSJ9fX0sCiAgICAiQWRtaW5pc3RyYXRvclNpZ25hdHVyZSI6IHs KICAgICAgIlVkZiI6ICJNRDJMLTZNN0MtWjNaMy1RM0FMLUpGWUktWklVQy1CS1VS IiwKICAgICAgIlB1YmxpY1BhcmFtZXRlcnMiOiB7CiAgICAgICAgIlB1YmxpY0tle UVDREgiOiB7CiAgICAgICAgICAiY3J2IjogIkVkNDQ4IiwKICAgICAgICAgICJQdW JsaWMiOiAiYkhvS2IwYzEyRjdjaWJNXzNnWmNKWE16T09YNHNuSGdQVndPZlJZazZ Hallam-Baker Expires 17 April 2025 [Page 27] Internet-Draft Mesh Protocol Reference October 2024 BUkpPc0dQZW1zZAogIDJCbTBXZm1Ba1JZTzNFUTZmajhfTnpTQSJ9fX0sCiAgICAi Q29tbW9uRW5jcnlwdGlvbiI6IHsKICAgICAgIlVkZiI6ICJNQVlGLUQ3TEotNUlNU C1FVUNHLUhTR0gtN0xTUi1BQVBaIiwKICAgICAgIlB1YmxpY1BhcmFtZXRlcnMiOi B7CiAgICAgICAgIlB1YmxpY0tleUVDREgiOiB7CiAgICAgICAgICAiY3J2IjogIlg 0NDgiLAogICAgICAgICAgIlB1YmxpYyI6ICJjN29vcko4MDhzYzlkNDBLWERoSUhn Q1RGejM5TUszSmpPMFE3S191ZkRFR0RLaXdWS2hkCiAgM29QUTQ0UEVxR2p3a3BwN 09mYmNCYlNBIn19fSwKICAgICJDb21tb25BdXRoZW50aWNhdGlvbiI6IHsKICAgIC AgIlVkZiI6ICJNQUZULVNJTkEtU0ZYSS1QQkRZLVdSSEUtTlhZTC1EWFZUIiwKICA gICAgIlB1YmxpY1BhcmFtZXRlcnMiOiB7CiAgICAgICAgIlB1YmxpY0tleUVDREgi OiB7CiAgICAgICAgICAiY3J2IjogIlg0NDgiLAogICAgICAgICAgIlB1YmxpYyI6I CJYY2dFejl5MmNxc3g0WmViR0VSVGpyTi14ek44M0QtcGN4MDY1MXgtV1VDcVlOcn NuelRICiAgNDBDcG9NeHVOLUZucFQ1bV9iME15dUtBIn19fSwKICAgICJSb290VWR mcyI6IFsiWUJKUjNqUjJQbGpkWWs1cXhiV2RIWTByVFlFYUZBa0hZM01tc1I4enZO MURyMzNSbkwKICBVTDNUaHJHOURNV0JaM1AtOFp5R3p5S2FRWXdlY28yWlV0Y0t3I l19fQ", { "signatures":[{ "alg":"ED448", "kid":"MAJF-DXRU-OY7F-RXLC-JZVM-LNM5-DWGS", "SignatureKey":{ "PublicKeyECDH":{ "crv":"Ed448", "Public":"9sZGEfYSIoTvVSL0Q5c_Oip_Hi2iOTsl4L3iLwh fOv9bA-5nd7PyRooKEsQx-lA7PMAYBewSOmIA"}}, "signature":"6x3k8AC2jkUQv0jzlUVWJDqP7zcNkKAqvPcAs7Ci 2jXULjbIFAFCct8GC8Nb8KiD5ljoLAsVHr-AnYcjklyXSHN6Gn_BIZiLiW3Yu5_Ch XHspywX-ZGMD6soXJIilOzreauR-_aiUE7Gx0eh3Fje2wEA"} ], "PayloadDigest":"tXPfbmg_SRmARF_7HLPq-bM6NMO1h1Oa30f_Ag_T IRzGKMrmTKtV7XH-h3NIBFGxOQYuD0BproKNEg6uhtG0Mw"} ], "Status":201, "StatusDescription":"Operation completed successfully"}} 6.4.2. Complete The complete operation is used to complete the binding of a device to the account regardless of whether the operation is initiated by the administration device or the connecting device. The complete request is made to the service, not the account. The payload specifies the account the device is requesting completion for and the identifier of the completion message. { "CompleteRequest":{ "AccountAddress":"alice@example.com", "ResponseID":"MDDD-KNM4-KUZH-QVC4-KWLI-5NBW-T54I"}} Hallam-Baker Expires 17 April 2025 [Page 28] Internet-Draft Mesh Protocol Reference October 2024 The response payload: { "CompleteResponse":{ "EnvelopedRespondConnection":[{ "EnvelopeId":"MAXJ-OILL-BOXO-U6UW-C7T5-ONQV-PY7R", "enc":"A256CBC", "Salt":"XnZVi9-npm0l29WsKI7Leg", "recipients":[{ "kid":"MCDZ-EA37-PPLA-V5BR-36TP-NKDB-44WU", "epk":{ "PublicKeyECDH":{ "crv":"X448", "Public":"wS0AFAueGZ5yW7naIw6aoRiXzlJi0WscQOMf2md 18fxRLQSO9dVGcPXJBKf7r7F9jOmX3E5SC62A"}}, "wmk":"Ve5H9q2D9v4TqVlWRIYP57loyBwVuXjMHN1LRq0j-m_8fX 42Aav5tA"} ], "ContentMetaData":"ewogICJVbmlxdWVJZCI6ICJNRERELUtOTTQtS1 VaSC1RVkM0LUtXTEktNU5CVy1UNTRJIiwKICAiTWVzc2FnZVR5cGUiOiAiUmVzcG9 uZENvbm5lY3Rpb24iLAogICJjdHkiOiAiYXBwbGljYXRpb24vbW1tL29iamVjdCIs CiAgIkNyZWF0ZWQiOiAiMjAyNC0xMC0xNFQxMzoxMDo1NloifQ", "SequenceInfo":{ "Index":3, "TreePosition":449}, "Received":"2024-10-14T13:10:56Z"}, "xMjsh-u3PRAtFIo8z66UN-y-dmUHrd1HXfTWvLNg2QiUIEd_SM8FxrWJZo -dGskr_v86x37ONuvmO1P2TiJ-TMJdp_B6oe32fhuJ8UIHzuPP9i7ZwRkMaYPE1-5 ya3ROYEloRZG3Cy1Yw-R6Cb2J0Ox1i_OWmZn7U-ppMVMd5_OcNWnR23MXT7l8ULCn f_UcjIIUqFDQqHTJsuKMuCTUidBm4CwLZIivl9JV6-yXRNqJjO2Fthz7qE-FXuzFo RSGI28MXy4lCgWFRnQP_pPQkVokllNZu74vYT3ZU_MoF_YRYRXD7TrjH-TI7cA-Y- YKWpEMhBjMV-tEPHWRssztWaSdj5K5dVHHOFxQFHb1f77JdGtwkoumYB4V1VX-iq9 Qql0g6pbw1_EsOg2ycNUaXiuWdpXoVH_spEZZFLXEQCOCrnOHJxsMYahsS2NpA8oI E9kdHhs_NQW3FNMvt5JAmON2ZWFvqxIVlElRFEONFfBgG4qwMIXJUCdS94575sLS- 9H00ff-pyIvFCF8EpWKC0z0f_v5DSUw0xyMo36zhfcpSKpxuJFrGWoEwnP1G_TyIY fB4Pj1XD0R8JHhMrN9qp9FGswSIcZD3z_B7pS3hFr7GT0HayGH7hgs3YRdSn_0j3Y rcSIX7XnYIus65kLcnZuq6Gawcw0_U8tMrTwDDHCuaIXVhK-_FI83RVhQygAonpAk 53XRG6VHDTK8hO1mmCdV2OMB5ZEZbCx0i-SJS871y2eNNUUIBrgP3Et6eJsRLbFHJ anXdOL6Jv-cHN1En8NlrYOF32UXID27MOi-HfVnixawKEm_K7oyG6Zl3eHUW2OkOC 8cDRm_8OKEFMWIcdYdwMnklN-bxasoCeJas9sQwvzT9CjfAsiGM0hWryXswO1C2xb IWrWL8QfAn-h_XpwCasR66U40EsgmWkFpwdWJa-rzqzKEIVB1CWcGNtuq3dhStI9r KwVnyj9CNi87oZcT6fVR9xy03qRdSjzwJZmQcoDWv7LTY-sDSbGKbwsx2QEx8dw0x vCTeaJoMQlXIP7i7GmNIE8m2WYBxJShliO3kcVL07oUeGToFus68VDuVwkMSiUQuj eQGIyHpH5SLUhjG7cvM6eVSuh8DWOzLebSW77OdcbeEcKYDYptwgo5Zno0aoi1zxZ 2oBCqcXWkWVUbz7IK3lDAY2PFabwaEiCHYw6kTV0X-ECrxCEn_xORF1-0lDMvW1F5 3fA18D9Klz2g-eCrjbJhWSxaoP3NNBH1t1fGctbsE-Be-tw9Kval9GONTALt3CbB_ ZBWg5J6hZCOMx3Yj896Puz1OsLJBariFJWEe-3qFGVMb1NupCTslPaEjWky7MZTmC CV8IKD1xIa-Q_nS7UUW7X8z93jrSIzpg60ghxlZ6EuJhIiaGpzW_1slUDBLh8Oa3o Hallam-Baker Expires 17 April 2025 [Page 29] Internet-Draft Mesh Protocol Reference October 2024 WkpCATbyRoaa2yVzbp9hLyhBNqyDe8Ndc1uHEifJCXr-XNPXEyvKUt58yUhFwATN6 narNULPa7balWoKGsOHZpSs29lWjL-SXFV3hV4WYCSJc9rNbTLb9MFddwE68Y_4kp 2yIO2dcDZ1gc-EAGDBB1Bfu-wjaNAn0oLrscHdT2iA87IsNSUz72ZL2kb_ruanZtM vGWxoP8Wlp-PFb1XgA61AdgYwtpWKkCS88BuuYYRODlwOn74dc0tXwZyS_13w0cy- AEd1roanNtAtLPxKW4-BQF93tf3aQxHJ9FHCdxvK8p7botB6pbTHj3rYzfCHlfsUd t8l9xvCDm-EIWx0xziLCn1f3GIrhJEcJXqQomUe5j86kCiyW01IDHJtLqDfX-_sWn GLiYpW8WAfHmO0lzf29dzKHsdSSRepcHb0ikpDUlWPun9F4BXbc8SxfuwXFbOhEu5 0kx3M_k2Y1C0wjLUlAPE8ckT-ByYruiiOEVifXVv4lmPFcaSNwIr-L28zqqPH1NwW tXWsQpapN-_QcBfJp4Q9kYZaN5PAbxULPN3Z2i2XDhWoHRfbWNpKrNxxS6fxcpGVR OdYtygDyhwdueBLw3AFqE5qcyaXI9__WSni1gAxnRCrdp2rCeDPM6JurBgmNpmMp- vuyS8CVVJ2wU1SZ8u2ZGKBTVxIoxPnKoqmjzL2d0n6kx3-qGx9o9heFC_JEj-xCUL XXqInKcn8PHLkdfHAYjpA-BIU5LOdH6pzrHPkczbkeg_YugPg8MXtP4ykSDzz5Fwh vqdy8V9lk1VGx9wSMSbqMPKZWyhnnNaWFw0NsU6aMHHM_RD7ZcgyC8XtlljA2_Tgm qNc_IskgRantjiY9_uUUIOu3OXhPZv9n7wVAFwFUargeB0WIH-6CRSko0TQJ2STn_ dYHUd57FNQlUZEWrFtImtZX2m_YzUwdXeZstXi6GQVtLoF8SNQMlxXbI5iRWeaKFJ 9z3YB21N0trB7TQGwBOQPuwHLNHOemRPkQjVGkap6Dv3lq7SBBABJz-IYs6QkXbif ahjc2KXvAKuikExdztdCozWWxUeUfLySB3dkl7syr_yJ0uN-RpWhZ59Nvg028R6JZ p_Anvb2MNtA4OlwcXfuie8cxVmZnIrhmpdUuy9hAc0wQ0xLW1rxlMkMoxNBR7xYP6 HFKN4jp2x_gOzpulrdnR42GoQeJH54uMBPIxprhcQicnFaEVZKSFIqKkAp88ilvYf qSKlh9YtfPEDMLHMHOmU2yExRrvUuMbA2LUi75DO3321rPrVotmUX6r1rjfasxCso ph-aUZY2HrGrzmVcIfb-KTPQaxYcG9IMH9PrUEzzwE3z6lccnU1qAF4b4rz22Px6q TyjcDuR2p7GbE_Fh73lTwmAkMBjJfvP8cUFGei2qe4gaJUqCk7CyLHNlAauacURzT iRbT3fmlv11mShXNrzM6VqI2c5_2hp9mCih1xaFBJcL-zKI49yVzHoJeG_657ozzu TATHtqrKf84vKQGOQMUMAwDm-G7w7XsKNbehEC-xxFl0ei2bn4vfP7mZQoPTCUwRO luvLZBXvsZaiLtLx4W-rMeV46MHi9AGMnhLw6JDaGuIEQbi8brgmc3wiasRYjPgNp fer8aj9tw_rXeFK2U-JDmaiznH7_crrv6x3QDsMEFEHazvooGdsQeP9rxdlQqSj48 QIt-kEjbNLKG6G9jAvt0jCPeqzz8oay89Kp0JGYFYeaeV3oHkMlZQ3l_JGIx8ewIy eKgCjrNCzBJKx8cHmBwJFI7ATrQw1FoLOqm6VBYiODZOAag47qXrFjeFGBWHCjSmN R0Qwkc7qa99N1lY-GEdvujxiljNhdrSbEUzjnsG2-3p87N5_kXzqgZKrVQykYzXYM NtrgV9wzhVnuu28M1Vn7JPe9y2NzcxOGYtNyjj_bjY-yR63kPhQaUr4v4kEjW-koN k15ju-9yIKyHqMVLm2gK02rRjwD1OMfISaWCyMn9sVeaXdl9o_iU_3jEGdnWnH1wt 1UtK0hkYO-ZaA9KdnhNcX-M2qMYYyG68U0iOwqng6It9Nlto-JufKbNk_a9KqOVVs COpqzB7m7Nk8LkTZoDi7tvQ36eLDd5KGMTyJutFIbB3pdzKHKNf9cgBOozzqUephy 6uSJIhP9ntqC_DcpTBA-XnzC7cBzMviI7bAA7t4bcmUyiWz_CTViyMlfWjz5mLoxW tXK2U0KQhuiYeun_QoYk5OIdgbBkX7Ht5XhC__mG5sngl-4Mn-0Ua4PP3pqgxrWFq We1gxKxbCDEsEdEApzLY9yg6g9CFlb3cVtNlipaK3w-IOF2eeMqbWQx_JrpBBYf74 l56AvD2aVaN_Hlmc1sfIZRJlT2W-aK1DvI1o3QTTSUSwqIH4mDE2ZBpqxyucMHS0- W23p8MeecbfkAVUwUrcnh36jUIQoXAdwxGei5w2zSw92LItiL3SK1s0Q3kx3XhR1D UeIcRrHYzBkWNSf2m3JZit8M3oiHp-ZxIZKdEpVrRethPqeGg3Qy4HPiO4ONBJB-W suKKbC_9QxrUTvPyAi2T6IKP_wrcIqE7m1wLJ57m19h1SC8CtovdCvGryqvIu0bh9 Yc7KXigPbVXsQgIvhDC_in3YPeE84yZEiZ20qMT32ab2p_hMdHORDntohEx06P5yW y9j0uGhuFnlRwnnTWzpHl1_mPeeVeMK06VLOzjgqPM6NYq49EcTUMQMwj28OV2col sr8JS79mTKQjwz1qOhYRVzLaj1mXrsNMZSZmr_LcJg0KHfYaOGPsvttWMV4z-6rVB hTg87imU6Dr8GqLpwlOx6mgo8TwK-5i1SdwQoGfhtLI8Nfl9x3grYoszUuZ0EzLIy c8Ci00Ue_Wfrnbp56CiNd6S0w0vIdZqXRt5kQz-P4SpAxtijd97pxrZArOXvKhHhN et0dBaKPH_LEjAVgIVw9xCzONtvIuO74Ms-TWb1ox1Gl5Ud3PzyB_klw40S5tTu4o iCksE2jRXpEDbxoX4XVVf2W-eyTBNdi6lS0-zGggJ4gWeeG8VYEYb9zD6JjrNSWtt 0ryVqvvcwGcRxhylD-j9TWdPJgyuHk2vxYbDng4yIQrYO08xoTsMOgMh-eCi1MLoQ Hallam-Baker Expires 17 April 2025 [Page 30] Internet-Draft Mesh Protocol Reference October 2024 8oBkjFflRZ2-IvpPRmVIT-v9dinkCSYJSUAEga3joafduPcqAb3uVQNZU--Ir_evR N_KuhRCFvPeHRuVaJfE3ZHLoXr96NAzOZScwV0wp7oqgHNxnrzksWUJac0tAd9ms3 ThoWWTY5tkqmw_0hdrY9f_tLFj5yNXnnm56gxteBH84e4ediBB52jSpuKLaKa8-i2 iUVqJR0EP9j5bg0GoM5MS0Ew2_3QWjv58lkhdMj1UQ5pk1bAaif9uOm5OkCuAb9ry kskigSsD63U4uPsidFlcHwjCK_WSC0WC8Wh1a2dB4AxBFBMpuSNg_gzwsn3ZcCxil MxLHZyhfdi8Kp3E12NHmxJHxmTEz8TvsZWxely-tLjzVHrnhNcDJ4rRp9Qpxmjlss 047K57--zKC7Dcvydq71KLTpoG1SKm8z9q37LWigi5v5b1qbDDB7giL3FI5tPygEl DMXjiWOnHiqbZmp3q1Ockbhwz6BrTcPsXtsyPgnXH6c88LF8U_NJXYbkoTZszoo7x 5YrdTyQdFj6VrreaKPD15z4V6wxlN9U4b3bTD_29qtzkV4IWznI0JAEE9Dd2Y3-oJ CXnm-I5KG94cLMnuc2DgColDSUUsJwjz8iWhhp6Z8C1cgwAAivlHr8IGZ2u14QUyu 4jQ3Qrssr4GzUJOO8tyUZIYXhz2ytRJd_my7-ZQsYunclhaT6dlvqI7-H3y3hveae b_oTW6ITYHfOpltkedGvMhJJgx3vRA10X5s5p0ClkL2q4fAnySrZYkjj2KWWZmzdj OVWOyzZvJSN1kFwPp-c-UhLEQhcD9jOq5_x2dK8tt1Axq8CGzZHBxzQ3C1lqxNWFH KHwDiyB1_T73bLPG5FaaI7nbBkCbSyDBKDeWH4ARxxjgPit-jyn8xZwP4G2QmBl42 OqMavhkCPSfZwyAKcRzzLEZU267It14hvKVfnfwhxZuFYrgAMy0BK1CDkWeKR6aCu k_XSmPpAqGBvOFttSQcsPBFpaINf38el0ATz2vUYthS35RUoy65i5-ngSGZbK_wye RYnODJzVyy7RfGsHsXVxIBVFxrHnfw1wSK7QPNmI-7Qd9UOtXtn5JbEBiez04JqVJ hDf5gxT9dRK2pSHgdMgljax2RxF_PX2nSO8jLm69xAjdR0mznPsjC3SynY37FDk3N 4qR5rpcQD14SKK-ys2a0Nk8YbdclXJZUdJen63vA86I8n5kIyx3GTyqviXp9EpCsC MEJi3ce-9IwEqO9urTEPVTAbucShufORyeVp1FCFNbW04Nj4SWvnX8AMBU0okj0SQ 4fScQkynIsBFe23mpH2Ul236KYqwQN4miyAbPOsVGYsu76yfNgbW3LybTTd-wSpJk MhXOll_Ua62B2MKTdoUMOPGqR0j6rRp4DVqdE0jd0XD4KwxURQ_-5l7MMvwZwZtKb 98NJ-D83lJy_F5b7XghPYVD22xdzLYYI7D5LVLUSEn-Jay2B568mpmkyTDnK2n1Xl wmQv3z7Rox9uAZTfNPY5eNnio57H6w7hZYEnoqUYg31vK3QrXRXDxSOLIcb-sDW6b He4cabXYscj1e158eIX0m8OhixBROWwEhn2Ag86QSAoySPhexspOJfmDtTc1rlWGi VbVEfvuWiq_pnPU-6e14zIwSfdvFxNaKRx-sUUUpP-VSmiPTrmWZNCTVCxBLcPbZ6 ixCFoM3FQBk9HdQatLxeU9hUsLCoqOfKnPuWrhozrGpDtfBUGtM9dmpiIVsRXkxnH snuv21jd2WUDbh4zNIt8QRCTz4tq3av8HFNc1dem2M_OYbYpRqv6MN8VL2tdJL367 MNIlxQrV0aHZxxyOt7K9ViOphMs1efg2oXOCim0QU4VsnwSE9PzSmjsBbrKZDGae8 DJ-yqU3VJC9A8ZgWvyRo07N-Kka1dp2rlTe9hwJwu3IsN13Qu-QUe36qZGhomSVfZ ZmWVI3Ymna9GjJQ44MxVtkJCUePPASq6KuC64imqmNmgxPlKdEh23Ntbe8F3__-8M dqyZqR4mvzlGQafTrmoianreGT2sbPtPpuYWHtBGBmxpPPEDrMz7CsZBW__pQrfsQ cTNbSED71AZ8865aQXrXFMkksG3hGKd7ZVOpyWL_oavx9FfRD4FHewsiQyv5IXPsS FaUCuOciXzD31psU9SQgDARLHK03NT4ivpx0yNfvOCFV3ow_F0WWtnPRlrnjuPPeM mK6lHmoiaptQMpefgZDyRsa4MYi2aWvj5xM4CaJfYdJJB6F4BroRCSk955wbvzShp asQweP_nl3LdzLTPpC9KDaUEOOm2SDzb_YoJUXZRreAMeirIg1RavW_QJQI7tY5FE 3JnZ0-FUrKtptt8GDXl4-zO4n1QeBHO1EdrhjKsbn9Jwsq00_6BvOpYww05mEBWJD SskwFp7lJJ2MO1QEPNbp9-vbDfxR5f6CvMD1idrXowPX4PqlOBT1tM9i9W04F_jZ_ mZ2CdYqUzGG1jmUfoPra7WIdM1rcgOt3xzzr9KcofiMLuueSlGvvIVEg2dTr8OOAB pTDtxubNtHXaCpLiZtrteMaIbCkji7sT5iK2GtQJ0VA9XaHSub9sKayzX32KYf_ct Nvht-Q5Jeff5jSEvWI05ifWbNVfF3Mt9BwBuPxEJGK_sFWMIlaQHDwIkU-qXunMnB ThpcbEDyDx5D7JCxrOQfeUlwVA9LGvXPaRIa425ybKYMe_5draTPud5oQkjgCIiuC 7UUGYEyXFxmqI2vUTlrCjdf7p3EsLzHpzgFjzQnWYNFgBs0qr0tnlKQFfRm3F44XR 9_joH_shMOZ3YC-qOC-2o7Uag7JLx2z3yGU2_igbalsCbh0F_9m4Qt0KxESed7pNK Q1KN5h8XLr8tehgYE2nJics0wTqdsluXft1xtXlUh5zeVEolJiiJaj9AqF30VNtQu ucKINFE-9iMCMvBWWlHJOK71nlkiRI9FZ6Nfn3G_0wnOS91_2SkfFbFm2JYPqJKot i_SMIi_YDPSMEhBv2D-lMHo8HPpQJGyIlTxooFPfhws5hqEkkj-phmYgG-jiluo5r rtiv1ctaMzv5u3QBU6QI-5FYAyP2qv7KgYcsJS135dzfmCnBJEyjxT2T7Vrrvukt_ Hallam-Baker Expires 17 April 2025 [Page 31] Internet-Draft Mesh Protocol Reference October 2024 VaYDxmD5v8IvXqPCva1Fy2p9p5lTW4vwODXuadfbhiWgGkh9x-MB5JO2c2Q63zsjC F5QCIUtTPKPbLnryUQJxm-VeJ0Mk8tRr4e46-vHbsjAGIxznBPmsfk9Vc0Y_TSXsZ YfoObRWN5DbPFBG-v8j_9ptKE68UiNJgFwfCx6WhnAYdWTGNBWqyMUx5oUnot7P6c YPcw2nPsD_uh7dfVha-c25hNbWLZXAdtikSRSRrD3AMUGXwasJZOR3xlge3HRda0T 6e2lc-cGWbN4KdkPBlBSvHauswJkRUZxrB5-IcJ4K4ix6B-5DXss3GmcVlau_h8bc 2YZ2iUVbL2KMmi_PZxO4xBnKMUX8RLYeix8ilxAmhJryqRGDUScrK38WGGW7R-Po3 VfMKtDBB1NE36H67DzNyfGbz3n-lVDZwh3xxnZvOtYbp0kZ6O2SoD9CmQQ5h2PGIN CkmyqaoXLHt5FNAcQamExyKcLi0vkMlnLW0efnVBeqZYTiA341fV9K_1Wzzteel7l 41VFtuWwS5h5HmiCBsYmPiPmZNGJdp5ZC7TwIfkYhw2JIfveYGsNHBTRS8FNzCnNi Fjrmba-CxETd0rE_AJ3BceNzcx8tvISGxIGyff6twwB_a2A4Hjk3QUmV4fkI-dBMs fGXs40GCcaI_AQObkCzYH8Qkz84zkyVI2JtH4CpDZMSpxIRRJm4VTOUIFkn4qwnkC SwRp2z1Xz56xaPUxugJ1zrsFtqnNQfJe9jngxicT8io5wmRCZanZ8IqZ9l-oXR3EK 2Kcvff6vD1p-IBDgc8N7GdGlaOYUPB3vzlVf0hRQY7Qiq0x3EgtVJN6CsLlh34Ix4 DJZiyFrVF-IHegiltlFfhSVvigRfa7hYYxIVw0TmyfaICeqqeWAL93NVTX2O5Sk5Q HlP6llwaCNsWDPgogiFyjlCRjTmioJlnxvijgJUHqZnUYnteIcicFnAeTuKvClZge 4I0m9cOokhE5Q6LlatVdTfGeCCsab1-HILIceA6hxsx_nByv6OOOBu-T1q3g3koLy Hp24rmHjSYMc8RAha4apUMe_L9IQBucAaH1ttqx1GDd6M8I4ReGBmMcD5YOahEM7i 2ywNjLeFiXjKCAOAUIpvRAm9pcFRQgo3K-uhNs1CEUz1Tck2hBEcLW1onxXNueDr5 lPRQOTnPmfrw0YiC-RJ14TwihK6YFtnPytzRTBkpRKvwE3JYXggKMIWpetMklGxk1 LGyXPiytXKZrgivBxSfI4HMuJWf6j6jWdbRYDdtiZJtmbnBbV-J1Jof_Erd9LpIyi YXB4eonuXKO3cnXQLdZVRSTc0nCwJqm27XA-PdzfDHvY4e6hStHelN3D76hBhAGsC 4iFv8U3As6Mwcms88fZsdW2pXahtgUPm9mmtzBJ9EK-9vpZxC6YouO2nuhWDGfVmy Sn7S3HXhNNnwD_jlsLz5U6YakCRlLVosRwXv_WT1m3HTl0hmJsOGvyCV_aJHpZtSo aMOTeqNlMCMhHZ1mQKmkZ8b6g81y79q-2Idqp321QAjhiReGRlueCDD-Zewuru0UX vrv0D8bdeSjdSt8aahm8_IXdQsPKbonW2zgYWpaqkkMACyTEyFmiB_nttTsP68IrW 59gH2hl5mC8BbJvEvdVrtL3slA24_Zd29PvioUoOQkpxUZ8tLqos7M-KbEKQWpBe5 EkBY7pBhakLTUXHX6oQzDQN2PucmnNkQaAZ1uOGShU8oXDf_W5H3W8M90rsV9kH1z rxnIx87iOLJdbAAG30t3HuNfd4feKtNdB8g-2A8-DHcItMIl8NvNoizzHoc_X9P6Q AKeIqF3UCCtXiFYRICv0bt-FpMoPZioOSZ-1dD3iauugjy1Lz-LHynrMBA4WAph_E MoPDqy1Nk2-LRErfS-2mKbaFidSfIA_aDgssCR9nsZwA2SsKZ5-bZlaHRcP3iH8-W 7LPNKjx4ZTHSq8W0lpez4Tytd-4mzyc5NugaOQ-l0TgzbBY4PNW4A2_WnxmpJ1xad xbOCsnY2mV4bQSIbCYKibJrUpzNtSWm-5cGx0iElOzeVolKsjdgby7_Bn9q5VECyr 0Pcm6CZ-HjhmbRzgHqdlIgsv52jZEwwBDAe9bDE84tvnoqLWJ0Gqqm7_oYVJm6S4C JE3VadRYRbV38Sz_8_ltVtGYGDGR2x7t0UyXFSEOSD2cJ0PGjCJKL3xPnxJHN5g1o O--arujsB7gdSF-hfLjQVlzfrbBs4n2DRMaiXX9O2toFcWI4vEyC-AfXodLXnc_cQ AaHwLgCDDHJWT1EF8l1fnPNCt4o4nJZxZ7Fg7_M0iGmYrY8JlJ55OLO5KPbzuWMP8 eQEMKFBcUSXIzLuVu9h76W6dwyCJzslgi1oDj1G2fWstcc2i_3fpHdr47gBE9Rb9Z qGPhcZIFTqIlp-IL6SekFONhOD_nH5H-ImSEu21pTKOb6SbYa1_9s0HdufbGl3oA7 Mze49xrrWP65KpVuAjrAaHO96gKnofR55O37hZRijbLPCK_74Z9AFvww5At2UZ61l _tefuiUN14nuwAxFw91AXyPLPOSuwmM1k0B0ihbvNGvo5g3pLCjFA_3lH6kaOomA6 7aQaKM5lWAFfhlqgj1z9F9RcYz2D6nUBpkSmwy4rZ58ua1nz6BTMJ24r2ZATML-fN k4dOS8l07x6f5CFWDS3L3i0fX7HYHtqTTi-Gd08XZ-FcHw1wfxKlhzix-ncDmHAOW nzurCeEw_SOAuBnrEz1LAZp8X9eXcJ2sm1ddM9DBtJJsgj6qycfNF7Sf9oa979jQE iCmY2L4zf7JwP2eTX4NA8uv-Tg7g9U1iwj3kUYOjNdFzDCSJksUIfhgNn_obRg-59 _zE4TqzZCeMgb6wtMeNZ7ty7HONNO8iFwjGhySO7cGqAAdul6Pgw-MxQ6HnYjLl5i U_fxvo-bM5opkRVLQmBR4cn27CnkMNYhK_FAXZ_CtjjNTB3tuFhhafsITXS5tLxGV TkMwPXw0u22_Ut2sm8_6V6u5w2LnGazZxjUeqoEQwsI_qpnv-bLPVlvZZLtq6VWQT lq6_-xXICmnQxRylpfz5yRQ7a_8B_qdm24QB7IUZemCMJGaXSJJf-5TFXierDY3SW Hallam-Baker Expires 17 April 2025 [Page 32] Internet-Draft Mesh Protocol Reference October 2024 pacDNBWjTlAfCPlrWNveSlMVnczz0uoBV14k30DXJ1Wt9EeaMScBYMZBQTYeJwGAS LKDyaO_sNFvY2XWRiDtYhtNUgjU5NzXPNgX7nKbHdSPBo1fIbhbV3DKYuDzVPFUQ- ChnYOxp72pr8c6RghbYN3RBsyV_kPwsGI7vh5ikkStu1BJhfafgkdflq3hjPe7DGU cbbXYPG2cPclmRRldx3agoBFnRWZG1xuMNrA3oQ30Vlwol9WcN8NSvJwhM5-igA1l xA0VO7UtsnakSGXnSvWbewncusIdGwcyfAUt7a7VsNiMr5BmL_nUAV1PWmTOuQiWl nLryJgWfJ0Hk4F6JubQ2MjC2VCyUF5JtLh9l50ga8ehSbNPP3vphcU021fh6e0Mjj Os2x7P1XNX_BZwEToXpfAZRDVc51VVsgp4BBaB3ips8wALpPF5mVbAyb-8JyEvIYv nAaqNQgQYS0AIZEuYHLpT9hSlhs69LdpaF9Fj3iK8k8Cf9PSF_rnjvnYoUUn6jqoy m6QivZ6YxzB8sPWtB14ZuW0euUPBVvoFhP8ZykdLBg5U5wY32ZX0HsQZmpKmYNl7f JgnuVChsi-Fj1ubz53BZsmHgk_UFzsxykZNXt-uNE5WGQNan_dYnD_-0QgYvSe0Ph dElJZADtJ4Pl48xcE9Dy_v0q5KViyD2IfxBSwDoHsWFfMLRovYxFGOh8VVnky3bP9 eNYK6IFk8PmhVXMaycAjdJJy-O3TwaXS4iab3HEmShDhLcxUUDxz8ZjRHitzz25L9 W4yvsxSRNzjpazDke4E09d6GoOc8gucpFbm1oGQfA4rJ2BfsvTfRsc8ESL6tvm7n6 CahLqF0vp478uQsqZYZ4DIKIEIkqeCulWjm01u0PtO0TWmyoYgqByAlQS0ISOSUFJ eHV4OIyx5u_EhfuDbwEer2NhDi8Q62ugj7E8-Q5j_a5qUedq_JqtJpH1AvzM5Tbcq 3G3sZ0UQw0xrQtAGRKsYe1OYRG34oRfVQuhy9498aLGIPhRUp3301sc3tSBNUEnSV ct0fE6x7NXv8EckgeO7BSHoHj3tfjKlRhhZFTmFKaLlhEm6kVmyg6SPeHPxTQl8hM Kpvsqf8XKN7YNWUuv0fK2iowDIlGhh6kfsF6CqLObkeTejjf3XC59vCQXs3l0Owzv XY0albWVcU1Mny2lyTABoAcno7k56aNNWzg-YW90jHhvaKUpF80Pjge5B3xlQ5-uO B7GkpUiMbY2dnH_YPm7L8DCFw3aZXOf68JTh7N2F16TsZrWx3ELVBz6mLAayeaxp_ DzRCnBXoD9sLZ5lk9XyOc-O_Aj_J9Yanaj51dEyzPR76qrqNWY5xDcsZbmKw48egl 5yZ-2yRQFbSaM7hPFBssPj_X0aTe-0TEwV5KWxPUHe7k5tJHXDJRQ5b8aaUaT4vwc iGQurg5m9y8_-xmmL0KAdmOYx5x4IiynO8X3idufLQTzHOvJ5lad_dWHMu6Rq5Ksz AoCha9P-v4OgwzQO3S0Wj-fbdiMhBDM1s6cbf_nJ2-I-XzZpqwPwOmo7KRHJiBiMI YhVksCXDN8RQb6W1f0FH3tWCjV6PWrZwNhvItmz_nQtothRBXqFx1HfCkU4-3Jp37 cUGxAFCubor3S7MCTFcqakp1fH8JIEm-uU0DaRVftyFOW7tJvMMNGYQ15c5UXc1JP VsS_htujEP-dUjYpHkYPJkefC4jvMW708iZBpqZmzXi8-4fXug_MViUN-R0R7R98U rtm4RzOPfrv0lK1ZZmyiE7wD_gk56k-fxqfzo4PA0l9lRxCwMcWgokgAeyUlBMzYt 5RRRC1mgfVTa9B4OYvY0q1iCy43lTDBxK-R8RuFeQUF9cmuQljDTrQGF33tUQnqEY TLCX7EKgYq97cjYZCuJjy6q5KRLFMUhsAYB-VGJoYs6tydhVWRZa9eqMoppRWehIE RR1DuAms9SlGuItX1RYhQz6FaTE6uYS59ZaYPTDcp-OdqJGbHtHRpuOKiGCffKerr bM9i9zyeN5doNBjuGRXkVj8NJ2CPNb4kMkvUDbPt1qJ8fnVuJJ91etauyvNpc0tp_ EGRZasqfEIrBp6g9qEcXNLrjufSqW6D2-PSBER8sTB8BO9QcrzHTiYiTpGvcLs1d_ G3aS53HXiXK9B383wdIuSX1uZbXOZXG8ULRpPlgpgPz6iiUrLkVBipYrnVvNYDkOm RPne-80Rlktv48KlAP3WFSYd5EGpKBe-Zt9NHdCuqanGvklunprl9ldEF1568AQTR MXLOUVa9Eo_OrRgiF2zAX3ArKv0nCK7_K2wu4bAqMaWwdryGSwrrLyhuWFfVbKOdm fCGg4k47Zp_3nrYQuzntzdcJ6ViY1-wO9iFCxfzgXtG38L7gynI3I2q_IOzXegaZb ELjR7rzSFJMyZnCC9M8qVJcTj8WCRZhrQeHF01aopOGr5gbjal7kK7IVv961AGrUa iiOMlbjwDUoPlYdfxcftLBzp2FsmZVzjHqYbzEPZAuGeU3zQZ9nZly56SPcqZQrya 9Ey6u3h83G8xXlVrSpq_xB3B0BaiimYp53JQ_GvsRTC1uaWoUGEOAyIKaj7OXjtYA PZmt7P3bTFqFSLWVQBTh7EkS0zpzBBpE_DkC73zrfe68Izf6e6CZmqMPyRfV1QANJ 34ZGPEI7cZACplUccjofuTeS5GHiySGYJSIi5aD8IKbiTSlAhJXvlQ_dW8lNamZ0V TVdiHRsmaFfh9ZHlVnNAwl04AQQGXq8Ixa86-O5h4yZyhJ38SomgpBT7zsemIA1C5 msNFFBtOlFOgrAn02fR0UUrxyNeuQ4HCGTo-7JycB9sr0nAJIN8jhZ4IkMsX5o9sA 9vWBeJKfbUR4106pc6PfU2PbA4N40d1FGPQ-8yXg7TVMCsWp10poT4yK1sN2Im6sz vuuwWrqzsEydgmuoI3drCXf63gJIqphRwMm5dx01USTPNnMCRZfWBjRTC6EBUWCdV QcOZoVAJJV1UB_mdhNhoJpeMNMsOIpYbiISInMuISqhLUjTHS97ZbwtEmVZpbXwVP Uit7zpRHch1jgP1t2Z_Yvqhy01GsYo3-gu3jcjtyKyili40V5ou-Q9B7R2T7L7BXp Hallam-Baker Expires 17 April 2025 [Page 33] Internet-Draft Mesh Protocol Reference October 2024 EGSeCkdL9Eqh_Hs3dTT-gV2v6mxbGy2Nr83vHZ4W9b9_e5Qe0ufpd_sl_7c6pzl_V calt_YiQ9Bo01MDpOG6swtEAM5Y0-jptWZuTx666j_VgiLtPJc9Fe63Jc34OBsamq gB7SdyospxCZmhqX_JvYIb8Leb7oqPz7smvfoAa2dC2hgVcGiaSOpDd244Hp_sGd- GfibMaaFURprzwphIlsoYoMVDUuKY2c3UTpOfiMVKfUk7x-K6wh52vcnYD7jmenrm 3X5qRcy6ujodElBu9roB9w2t9Q4TR7jzSsTW0qH1fX-5au7lWtyzAGcvPN8ZTwVbU QdG-f4yzEtfGVaqvdV6Xu04uLNthIgVBYNcZOzm6KszngFbqBefLC-qEJWAxqFiec thhlos9adCccMWla5Urz_fbkKFVxFZH6k7bJglkKI_Vv2k8YXyxYK5hLcO9lm7FLJ CiUc37PGDkfC3vwNEwAYUFvusOA7JUnBYGA5sbvfPYN2wXIA0M7iiU600LUM6eo2E aPLek9wP5ZYvwrJLqdg89T1Mo2RP3km5I2oa4x3ULvtMoGH7N0Ym26W4m2V2_hkf3 118vc4plKIpBZ4iuDsi6jP3Ak49_rP7k1guRMQFqieWfWV28n16C5XjPYhDuPreCU TQivKqjIEtgwZPb93H4sANLeJWGKRh5kdDYWIhTH8CbVbGZyUerCrhPXTRkCvZkXl -JkHYiOAZd4eGjJl0oG7MQEwH1NARajWsGujpjpnzaCZvOjC2xkn_7SmfgDP-bhSL EABqQfZiRJVKDbiWcBbTM7t5NyNFY8XfOCl0Z44QRFktOlwoAfhfiZn1cZ4IGbT_4 XXj__Deeobt9gGCl8WrAHsDAcrdudZY9xFCNma5UmMeaz_QrsmLw0ARoq32oY1j_U JjyXYLykz81To7sVvEMHUJi5A3oHHSm3C-Qt1wLBUycdDec5ze4RG4VZTFZWicPkb Zymg8T_rBU2M_vhhWsxvaFaMpWx3KY40MxNCVZCVZ2bB4CWmkiefnutSZHxxJvFIB Cad1kk9VMTlfmTHR4rohjX0-h-E7oyppJviiNNZ8Nsw-HJae75oph1UcptSEshb0Q CGUn1BeZD8VEfFwCudusU7fYyBrV9yeg5jkfh3xKNgJzdiuCwgeZPUj__QdQnOugq xkrvB2UfyG6-s34V_LEceI2kxNNZQJ9eLLHHDBX8_IXSoGK2MK6mQffqr8gw0kQNU OANWdYXv7q6C9jNx3lgxtEarVZ_I9_w8O7wYm5CSh-S7l5pfcJPL5wjXsrU9wUXp0 cOeQJ-Mk43JPltvhp12efJSVk7kikfz3T9dhkz3WF3zWDF37TkctKiKGLEVZTgYhQ BbAje2F6hM8TDNWmiLGvLWcQrHj9zPL6UJHdtbCK07y3ErM9mUF1TeaNK5_79ErFP GbqLGdgjX8O2C2Fb7FP0U41prdILc3sG3zlJRz6hHaC5WASlGpY78lHwAxApY4wO0 wSpQx2RmnvuJr6IgaRdePTjiKiMBOclz7rcHNIrYbHKBHHWwtF_aEtcQV4MnWe7Da XSR4gKZYaWmx5zxhiRODeCCFAl9egMZBwy1AeTO3WvR37KUOHXApliiM0_Wxc1TDe wFMBh7cIwMsTNeJFRBWBP3vQLCkR8rwWTMw1vjsO35TB6rFTDZzGm84NPLbSWGG6M gKrfuBni5LuHL1tBZy4hVrt6ov0DF8Ond1amX9P9o0RpzXl2t5kSD9pkiFOvMnoGL 4YZkRmuqFKulxFO6J_cNxVb7gMo3lqEfeszyy1eFbOyzBaQRZQ1cx5-3cFEzuNkrm 1PWtjqOWuuWpH9XdcUvCPojjwepox44A1NUMHIc5laEO_AZOo1ApqoXzqAKow758s Y60G4mSQi09goSKBA06x_TnCbR6nSho_yb9sjcoq6hYYHB7oPL051Y0HcoOD913Bz bIHZMwxSQSk6VRX4Rp4p4zo3a1QPCIjtF5C8EllZ2zJjpn2mM7XfdYb2-EAb4I2t5 zSunN6kpMvuNgPicXrvbBpfR6cMjTDxsFAOa1-WrnqOaQcFkEVLd11q6G-4xDMShQ EewDZhhRqKMKkbykS6ZHMQUG6Y27cMe-B_vgSBHHM8rBebxp3JSu9Du9e4H1R-TSM KpWp0zRsQPHHz7LnJnniS5W7t5RcaugLXJkfqFVtEeAmc3FPb_-P9F703Qg-NIJSg bs10b13YAhNAyBRe7w9cY-RnoVnSBJ27NvcGUDNUL5QvVMJULoHDs6ZjWUoypLu6I bvJdHLxIS6j3omWXU9TkACPOLOLvPsllg1PhYypDnzKO7NQoDBK93kYM8TudWZnUS Sz0ji7X7hoGxMs1dTanrpHSwGarRDd_l1QzlwpMUC_DYjux3EgpBEkChwQbk_ejgy Z3ra0FjOBN-Qt71bpEi1UypS7H39mKZN4q3AfTnbayHa3vyRwPJdYS_K2fCf5vahL Ky1gOp7nlj-a0pHvwl3sZSsFNnKN8bCQazPcXE9luFCTKBwhSno83ZCOKDpJ95Vl7 KkUy4GP9q2m-lYPgr5r9hVhT09x76yrO8YcM4FAhgSnNuLEQXxb0dyyk3T1olOykL pUrUZYrjgFY8Jyx0tMvza-8cgwN5uhCOMPq0nzAXryzWvsoemMRX6FdWbd4lz1Mz1 mFDy3mk0D2zcl5rukvtp2TmLTr3fxMj_GlRibx2h9GmQ5YGwtXHRzwg1HHEBGdpRy VlQvEH-3HkMxl9WR5ZzBhkw5ZM09u9TqiuDFzRrxkxAJPdZm4EjqFMyfYGblwDG3n nIh_qxWM7Wh8HcFDdG6nMNIL9a5FBKJNoADj3VAJLk4N4M2R0SEOFo6f6w4RMM_oL spo4jd-EHRS5oVO38aXUAbjghPWnFOcFaa3JGB-a6Q19V5Kdd7GctGfgmdfNOu_ch 0cobzjGXAFJQuYl-XAnCxMpztF96gAkWJUaZqTtGEt_9YwcmEMMvFOkyYxBsboPvA PD7HlJizkPApWNx6NmcNO1Mz0yUK7EWeXxjhxxmMnauE4a88B1ciqsIQYOQd2Hvgl a21aCgW81ZdSqmSG9cn49dFVFVKDynxMcSZ7etVTIof8rW_3vH4-n7SSD0FIEne2G Hallam-Baker Expires 17 April 2025 [Page 34] Internet-Draft Mesh Protocol Reference October 2024 F_5uVTPeWopmmRred0uUtdBllh1OWmqRNlHQuy9ti8BEiyQe9g72wrT8zokLplQFu tpByOUHShR26MeCy5NQ9z2ArMrM69UBotD56wceEYBVN0sT0YFbXV-SKwa-20DMH0 1zK3V1yH7qn1_24oya_i08hMYV9Ha6Khns8vrPgsATPm3X0yscnVSXG-xuM6M_qak XkTH8nTLplZUlFt6oaTadJjrKBB2gOowzMlXe3sy2XEsXsDNZGGRdxLGL_UsxnduV NwKlB2esUr40dUYz7nPhDybOp8k_5igXbEaB2zAGSfjERkuszFnSn5UxJMvpCHTWn _IUxdsXVhUuhCr6TVpmmeUBSnFr4TWWpjHUPAjJnivDSEtgm4JnFfmbk8YfjPohNX Rao_VIvjhq2ervXgdZvC-0Ih1cS7WFVQdNb4Mi_x7DR9cn4sZknYyV9P8nWIM9xNf FsPrZkp0lx9zBeHaKyOVfyg0EXzuGkUghZ5EhXyLIHSAcSYDql6kqWGCctLWoQ65s rxlpwKeUQOmEE9bq5LOyB3scm9K71msw-b7cWFAmdZJAN-To4h_hV7JP07aO8_l6t vH_k-3BhEnYgDL5uChSJbWjmd_LJeUrCWrc7YKYaeWL4f-bYvFILKAuAhl2KMs3ub ruOj4Vj-FSy7lWU_izb3KQO1poSQc-U5aCHdqqZqCMI-hGHSvsFHh6QAnruVCJ1I_ r8lPpvaUnrEVI2VOBDqzc1YsA5rkvCJrIB9K8A0nvurqGg-uleOpx7m4dIRlgLk_F Woza33YM_KgLMicuBTk9YyLO_iVkJoFCE0cfNfKfRaFop2RgvV-s2or1jVJtDlTO_ VK8xZr5Wbons3uXbLY3_Bndt43cxeHOT-Ivi57lxXyNItYLaP62GlfMRf67Qgzsei Ew9Swm_lzhaBEnj-rLjki4--BMCCgLe6lexzflpcjpjBRXfsxpOVf8G4VqhXPZLQP yURLJMJJ2tF_sa0nVlVYrT0x78QfHTVvBwAqayi7rhF9SPfnd5lJ4UUQRm00N3-BR _XxQ5pKcVhvATAWhhc9d1P1HPdG3DDNYe6t6Z1ceptVzp1PE_Ne2F8a5q2jVokiNC ftEkKL9nIkgu-f9uVvlpaD4OxTR8ubyq0nTzXAQEy2X14So-d7uljT-C5Z3ycCIE4 dU3QCR0TZsMzGu1xdCJlZHvXrP0roH3Y_ZbgtlMl4I61-xIeeJwmMWJ0yn5DKVddB qxBSgET2K1O6Jdx5hynjnsWSuYm88cZrM3_XCShIazH-4zOaw_6knq07-ZpCdh4rO RLkzRKUkqJPBUZYN7uVAlG997dm7dNBHLGLb7szPr9MkPhWXxl_Q_5WJd68NkfppM CmOtxsYIdy1LsYLN6kBBtr7-bnvw8p2z12xeNTpRT5OPZ46q5MED7kEjcBD1EQWLV VUjgv5ctd2Vx9efO6BtRqdttUXd3yM3wNCtzHqZNv762T9pWVDb5MeIihjrVr4zl9 EEwW56o9VYAFccYwEbybJP_mK2taeEIz4M9b7BkZv5wfDbSTJj93JJw09jMYag5uX WAkEk_wbOZPe2-M6X8cr2R6WU1UMIMXF5nUARKRrXASc9UgvWcFeQtI_Zbrd-Ehj6 kgmtfw4jMHTY6FsEufTLCwVMXWRYFnB19u9XT75EmNuCbFICZPQVt6aBkV9jUMmRF 8AiA3O71XLwakh17ddd5TSBwXmuGSWMvN8RNiRyxzMmZhLHfzxqZ4Wi6qOYnrighi BUaLHCwpWYHTHfLdh0YOLMSGhst-fXRkyKht-VklDjQ8O-6AKIH-whNN47tSWdmY1 RxhaQKDfFc2k8tWXVndBobng-Ee8djWhPddrMR2X7bq8W4GvwvkFFANtT2ZH5DeLa 6AumUD6u-LeLJoBi5a818VLtbPPlHCTihqZ4UDikgrmmN5LMjv0-WJXkhcLKL9MdQ IXVRoL6TNBX0P_cPoqrFG2uwT8IWo_qJ8ncffmHZgFYQUMuVEcNfEH8UdqQ2ocbrj 9-jqCBf4Se7zojVJzSgPxZcL9um3a1KPqYg1lFEoUTDCVpGgoFdbu1AJgPX3aULHp j5fuDlvwQzCbv2Jy2YHNaqlia1qILGZCr2JrG9fK37jutkh-OBhiq8BFUPKG7N8rP iabe81t0WNssZrnFi3VGKWhdRqHyLCRbIKLB7ixAuK5rn4GGD_oeEY4W9huuCxGmT fgyByLRAM5-GxoD3QV9u7PG1j6Ms4mgLrqL6tTIQZgn3t_wApmV3F1gjpik8mGMEA myGXv9eB-x85gU3V2kcXIa_fNyG-vqwOuYp3DPmqZNB-zDRB99Kd5q1FH-V6E-Emt CFhlozNgZRuQKvO_TbzPCDFDUN1b6aBjHsvkskKDqY9oZzB9S5rI61hTcFgZhuGmS _pS9W7555PXLbr8mONIGuIDOD-b_SzUUxdRZHhdDKMWivdUxM4BPg81Z9bBTN52rG dC6YxZjvSNrFFZ9buO7JdSFDZ4UKp20Y7Xhb4FBj1jNkbsykh-DN2WmpDedxMgIqy 2QwV6NL4R2X8erNcSbZE1SlX1EHHL5j3CeH7mqWUOTcZhNebAV-kn0Qu_7gL64S7i QqcnWMPQI1HwzEvsw7XnWfWvQtOVtpbibmK8TXbjrNDlMuu4zfAM75ME2X8P0uVrn gprPSzzJqdCh2o_qzNttzbFHcWns3PDx24ClNmS3Hhar5qtQ27e_2OfjKrYd_qY3f wnQSQdfdRkIpn2qHuGD2sERXtcE1YvGD626KzFZSwFTBNiwV4eBGBvfTh6Ge8Xhap L50Wk1fi-XvFWzbvaX47zsRJ0iILD-V5wgBl1fAUWT_SSHn4fgDyhMUHbJoK_rPkk q5ZjYnlwHtcn66n9DOCDXG7e4-8FKTMC9wt2N4sBueHx0VxZKnheXFbgJrIcXAtAL VvfKeEiup8aHgQmVS7hxPobgzxv3L20SYw8KiyJf7bgb-YGkCqiwYGpoDifqnsBle fV97Aml9kK-juNgMTfTLKMwfaQkAus9Vz1xvRG1gl3t849AMTlZjo8aR9Qn08M7Sj 1YuobmJMm09uqd0I6cpPzdHWZgKcfHFCLH9dOnAiD33LB75oyghhyybnUb58nB364 Hallam-Baker Expires 17 April 2025 [Page 35] Internet-Draft Mesh Protocol Reference October 2024 Ged4-H1J5DloX58d3xcBKHnfytuNOJaF7dBbT-GoULiqb_NhX3Hz2PgifL7ELN5Y8 u6OqkcVvQAqWN8LJuHV3J5iiImomWy6-zpHKmG4suUp4_nlfNTSj3CLu0uu0ch-mn XjUMObm0sGcaWanA1mits1b6AjmM6nvFB8Sion5am5GzEQL2qsmdUVlpc33AQTQp1 3e0S_NKIDINHpW4gIzfk6Kle93A4WYUfdjGd6TMO3yyo8Pl0nU7yvfCro9AuFN3xX 5ZkVIbHjsUqwpN2SUwhDt2_z5EGnCjwt3881YxD3qdcRswcGI-Kr1eSu-lslct0xe H-CMzpfB4PhanQkLznBzRQ-35vod1icM9BzFcGqhyziXo8bKljJ1pXpIHDAVZZM5N A23R2KzBQ7OGsGLWV_2GzL648lv34zSfJblZN9Tt9dQ-qvrf-vEJFY2__KxMhip28 K8s54KhMSWdoJ4iONixRxl_QZMMIPqIhfaZl-kJHyYjMJLuiuXTFk2A6qHt71N0pm 4_K6zulfRF0o1BLYwLxek1F_FryGu45o-q8DdIbLqtLwZY1yEE37XqU6RBSfW5YM0 9ZGyxao5lPYFzI07grV248omD1llnzpewRkx18pqTlzhmmkIVjJ41PdRRWXqcLm-n stkkLoBbIXrpAiPJAn24zXLeKxfIQKAzr3hK39iURfi3wbA8NMIyk42vjfOAFWpTU PbWF8Uaqwqmpa_2tZD84nUl2bcl-WD0Xt5FHr2nviwDZscuDz9mvpDS3PCfC6swL3 Pc5cvmcGRtHBh8PZYBQ8tchO2QASHLlRl0PimJIhNRf14lAYjh-4MNl_TrTq39Gnr aa2NBLVqdFVluLhSIMZ16X_gYqbrKtWaN1sb5LyKYZPQEMGhRiVivZRApoLD_Gvep myVaXjW7szGnxEiISeB4uDq6a8kfL7UMKuschL9XiXgTVvIt5q_lJHNmk8ncShk0v bIcV0T-H-FOyocYD7VJvFqiamkpdkCYJO7AEDfpMPjt9ZPWZLUu_cpQFDLZUqE8Gw mKAsXEPdX1m0QNVyiIVohX3yw7vlV5G-tW3q98F0p0cZ6WC747l_i2q4gMQGYeZQS vTqknsg6x3rCmS05joCDCuEHIP0gHdZHC9-vK1gityao_BD8uVeFBxosDeoSn4hkJ vmBLhRN_wWJt10Ha45WBCunt_BOQwSjVC78X6eBC_l1vZvnDyO_lUS2ydr3KH482w HD-O2ycLoMJmQEyW6d_MWWPTLfhLb9qMVIXxekZKsIlQb66F_YAg3VQqkNUE8WiCQ _8zTMUV7bf47aKkUWz7AIi_29cu3NTdDzKY_O9MT11XQms2_sSHLwe6swXxgngoc- iWeL3QckatYaNJNez1JZ_sJKoyjgPe7k5CFu9UFnuIhA95LDJdF5c-MKqH2ZUjgNG bXLWX8qvbSEh5zDZdiyPcd6R0gQ04JcMOmu3qNuwpVqKq6oh6iGgl7JWpBP0FcTwz s3rDoZrpgl6PsjdxXgd-UE_CQ6AnGAkgCHCVt9s8vZxW7-_SGUHhDGNt085aWVwy0 AR01NYzNWEQMsK9oKIHCmAUi4hEc2rX_eP_o6VleUkFme5X2EHCl7TDG9Y4iO612a qVN9EgBOFwTxhdQZE6zUjXpyADNBlq2BKUAtkAYGzfv5ts1e-lZFQbR0Acy_1MrWq D6lpTdYMM-u3LNCk5OIiNpnipHJaNvQq7XkMtLuGCPoWVw44VdcDsMY4nOIzODs_7 SDRAJvnMSouyKwBxZ_CyIpHh6RGpCPdC1_6LEH4UZ9cU7z5iYTtu0UNpynQlXpyGp oGg8LxznqVudGw9QdsrMJyl5KUpuONbDRB-Dfo4NSWLwxt3CieBJ8W0wneSBbhmaC b4k2liCVEuzsg6cmPX0u7icZGwLj0ec76Myimpm_Ghy78b4Hqgb5dl1enn3OFd8er OEfXEHI4iw-4dz22nEoEN-ytonseq5iLyOuys1OQf6HRvT5eylmJfvLdBKuGNperG -KIqi3zjDaOwrFun9S9Lr2h_U_laKwkaqE7hkzZSOp_vAlZl_CtsU7GCz1Y7ngqvV KIyKSZXvOZ5Xd9xynM9mB38sPYwm7rTOww2xJ2dq98-1IA_O9jyCRyEMQlag-XzmH l6qcvJhZGmP5_rVpLarX5h85gRT0XlJO5b56Fc67t4Wrd1yakRFpilBa58WPNghyJ p5c9-zxV5e3HGhrxN-VwMoWuCZ1eYlvaVEJQW8GaZfV2gS1MuMoPBpeMoMjGDUzK2 zJ75GqNoZU40pxUGSn_D1o80pFUVljYgk41j8Lt3IbXKYegL8exUDJJ9nH3f9QbF8 4CU1lEaVeK1wujLMYO9Qs5lq5O6fUjO7KNBvjOmWN7G4fxkV9dYlxxlmu7XQZVwpo WNPD8pDJddkUQl5_zsnW2rJOLPNi2y2Sd8o1O_jC7O8drw2_qcKfd4Y1jO0Oj1vXW 0x10ljX3j5itQidZtEUn_8rxCngTMxYkr8wNGTlp2FxmYTWKfP2_pVmaOHzXw2y2p B6fCXx7MtoAo8S0B5UVD7PRgiQRIggZWA2pOzKsCLpfxbGPOddBaMGR68xGyJIsgM 2TIp3s6GAMmfLnyprffgIzYMTmOO81w4TRkCLgvJPY9DTLDMDtRS2EWtuAG2POVzf 0gC-FMdWovOJfy-vIVFTP-6fBaSCzjY0JLHBhP6LiDEKU5MrRFaqhAnIVDfTBN_uP qLoKEhgENepZDlEigwHmq9qkG23wx-RnuHvv5yWI55s9VMhJy8TCKrCuxweTqM8OA 2ClNGpFj10fVMbF5CKbl66eRYrh96GP3-WIajZ-h4_DT-d3Jcgkfa1GqsPi0JLjj4 Yl3_OESPJt57T00QwqcaGuoa61uvNCI4TDAlQsSHJBpSSWbWmPvBNV8SLXJ3p9B8P wyZHXXTHMldWBJyA1VF0p5QK_LnZyc473b1yiAQnQTtHi2bb_cQm4jzzMuJpGI5vR 4hxNvTcxhutNPqoz7AKBPZNQ-Xhgz7Mgj0x45SMso948Sb6LFDiAWESLRjpNijt_f ZYVeIUQFG4hT8TYdgz6kP5iK2BZ50nnE1ZpidShtgOJRL6Po6lniw1rvQYEy6dakt Hallam-Baker Expires 17 April 2025 [Page 36] Internet-Draft Mesh Protocol Reference October 2024 mXGtGY5gegBbLORcfBiCjCV5pEpCrzicSPM7vgu1qR8toK-JH0ZKdG7F7x_Hik8o6 2Hmeo0E2KjchBqKP2nTBzpJWhcvEADVa_KP5s5KlEKtsbTcVSRdvG02Mk8eqT2f0e hklaFNeoLL-zcoQ4KtNv7fKChQvV107uLIOgULdF27K8TDKzOV9rChoWSiLwynVL5 _KaQQHJOAZmI05716qi9y8AsH5Gp5KfRab0Hu2JevJAqC8m5adW9DEKa4G-SXBVKH ebCmOBeQeK2-NrGS-_3B-hOVS_vLpaUQftO0voctwR5nwPWkLTwBsTvLmCsxE-8qN v0SjORgjwgGFLkO3z1LJX3SAxieaDuJ6EIytYUCOat_X4F6DZjyCnMzcCn1WyH9eF ntrY10eSix3_3DZgYnCtK4pIF5mBwqomDoOzdLcqUeJThGOui5gj-faJX3kOt9wXq aeS4r7nfAzAN-4DMj3NXUuCTQ5b4PPF5zoHgmBRUGAnTmOIqJjdYQQ9gWMv8qoTcz 0ImyZcsUhL-4tp-xpzRbbZB84kG6obSOthXHGQRaRdi6lXWkC3hgkh4gBEwLC6H4L V7r94a2WzJ-cuhj70hRnFX4AkJ_FYgM2r5XIRxGVcgyb0z9BCulTIjLifUiypUv4- T-c8Xhi-aSgQQs-epG0VumH9abhZ1Nz5uuVa1NW6iqqQ62k_9OSUlOtZu1YWec9yN WMgdts0ncptpC7TaDOCUfZsczcxel-9MN-nJEmUGXbPDwxg9I04oaS3-2d-mwCXeB Jv61_3pUAPicFY9ig4_lXX9Nf7BSB0ihaSmUv5RvSUa1nVwTH0nHHNGxX9pvOA1J4 NcsxRWW86aqEFPXp8ragOm_1UMvwjm8zYVfHVDLWDGrCxOg93xmA1JdTD6RgrQh-6 jaMud3d2zHiQIJB9sXi0b189yDkOZBPVNDC6E6hWC4N4zGAu7wUfoBmOhKprRDf9U -jQ4TUUysnQcGr4HyqfX1NL5jHHWP8fDtmX93MpEpnhKDhL7sI02ZDwrSA0rzG6Ip J8GPuBHme2BcDx1_C6dev5aM5mLISqHv1q3Vn0yaB6OZRkkU-6wy4gaXewWQkyTwj IjKfLhOFrFvlqmTbqOVFC7KVLnbAtGzW_Sp4vBewskwzA0dqmuayugujJSGhbxeeW i3If2_mU6iwXepxWU3hAIGg-nB_UWMx_661JtTJYczhRCVSb12nivrk5bAcvbf9fy w-f_CLSpAjiBXs5Z4bVGPHBbk0hefxjvMQISmpATDhvZzvjay49ZAHbuvnDCHQowq 1fRQkJr-gpQUWIL_2_eLqL2kCevUlAdqc1R_4yLDoM_k-38naKlFl3hQ4pEOCU8vI fzrXeD7LvHiMfBZiWKJEjK90vwfbUmMCMLxiAlHNEjeVo1929DfN0oS8lRVzkDHv2 HaTTqPYhqP-BDJpXWV788Ko67nIT3PpwFqD9dd4l1ncpfCHAxFKCI0xekZ7qQQcop G3Ex29o2nYW1RPksivcGfBvBccFkmgVWitzLlVQ_NluPpsRLRU7WQ2_3mKI49vQ5_ KA7Ob7eL4Pl91YOTl9jAuzpc8mNnWbZnkOZuSr41nSjHiD06w_fjGDwdtYe6XOQ2s exi33y_3zXU1tCFFijzEe3qHsopY1ZTNHbTzyA1GXRlNDxLKtrHFnlUEd9MOH5CHP mBVzVWs8te0AjCj7TvOtWzLj-0G1qic2Lse8a709TrG6RKwZuo09HzIyCRn970C6P 1ZQjFnMYOkzT-wXEJEsGqv0ciTNJJwLmVsaiVix7ZF3ksSZ5o0pvoO5o_PBe7CFz6 lJYiRjCwL3uorAAmpX_qkZ9ev6T-vmaulj_prbB-4pWlF8iqyVo7JNl5Ml3OCyHgn nSiOwVmLnEpoqlsjbm598fDXT-qpc82IlTThu3JkvNqMFM02UUD4-n7gxRBgURZfO GuQKpjMKAbeuTeNTlIXzHNTHB9X89oaLHSq7bmR_xVbOQzTIexQm0Db_6YIkps06t nFkGTafw5zuQkqOz0RaMPuQ6p4nRKZT8ulJYUa-8sM_jP-XQhWbEHIqJzGGfvWLLe XZQFxfbpcEi6uQn86rew0L8hMVkj_t0KPVQVhiEHceA3Xtp4dy-G4fTOmKshKFAAa 6iVhc-rOwXn7cFCi4ZyzpPb8dt2B61GpCH5YKJnFmA1KQU1jxy_nVMAwKQM5eNEew VjlciWQBnoDh8sgSbusLYWSRFrYSJcxzFyhIpY80cGIEPsIVrp62CDB9n_IGJtarT mAiBFhO5WNl7RSz1dXGxACtakAUV91DY_6bDpRKTD3y00TekmGn6mcOBWFJAJtvfc 6ojxas570aSEeQIxv-dsTOs8GXnpD0BzS5cjSGjRNfymeCctXjg2QyVGqeYXMxCYB -Chc0fpc-pOKKQpWVq6o5MydtQfF2XNSUd2lkLNcqo0j4yucypDv-AqKMdiwZXcV0 GRjQVMqXhYKcCoDfldpWGvbF2ikjIDdhz-fP47k6dyNVselh0w0w2AczKkn-kpOLs 5XcBguyZOmBwceMUG2RgB3oKJfIXqqia02zZHXunX7VE2QNQ18hr0sCqVXToky_1N qB_XlfvuR7hmo5PvGQVf0UPJDcXM6ez3PPQEWx_aSf-ejEA5Cz7CF6J9wO2VgrkGp a7Uu0U5CFSYly4pcg2cr4iuVCd_QlkKIffpttU3PDKnafmbKWs65NVkOD-YpxvhnH T5uZAeTzn-ET0s_vGORRRvQDscJjjcNx7Mqin6x2nkICqWHt78XNqIa1qaw9g0ZvI xfBw-8W1AcUDWCPfEAQWxTT0tsCZvBs3EV1QTDhh2XfjAhUc5DEXvJu9F2NqPljwC lZmy3mHvybRIcnsd7DCdKkWfMQH-SHuo0U53vm9QVo2XPi_6i9BljyB3REhihf2Ds 7__W5Se2nzPG3RfoRNHVDHQTZPgwz2HRVuYZqDumBJKSEu_qrdsrRN5HtrWbTvRH1 TppgSDFVwFIzl92JwCwUpJv41VAgd11ggdY7TPvMB4ICKvkyiBp08LrEXOUz-rAr7 fvEXcGooY6MHXHDa1fUoNXRWqPAsK6jWWWJUQdCg1Q8_PVLbPmr8V2kfiB6cyUjAq Hallam-Baker Expires 17 April 2025 [Page 37] Internet-Draft Mesh Protocol Reference October 2024 rxCR7jtPPsv3kt8Lw2Xl3RqKVErkpJHUQmoLp5a-xpbPhS6kbZRYH_PTOK13wWckp QjxYIY1ketAWGdCuVKp3UuS06UIHPHJsp044KvFYfiq-N3o4q3MqOKFa7WWK_Tg8S Y6MsTq4Q2ukgMLbEIIBHzWxBZmI1p4ZMrZzMgOaiX5Rqkoqs0HxN2jMRerWnaQs-t Vz_CCZXCPnuKoz84jv23dh7uzjPSZdIkNqxDRTCcvMxAaLIRPj92OoZxTJzkZFy8T GNmPJlfuz5rDv1voQFgM90ghKBMPaUunOvx91eGxXvMAQeoeZfB1I_lOeL7JOMIyi SqJEyO--Mhlxq3xgN4BnBcgx6obNqskWNB1z3NZEINaQSXEq7qLO9D3jnVZSV8ATF B1snCiiN2nRXDKViy7Qi4q1bb2_SIsQGIVrktnKtosbrPOzsYS_S3APII4EBkh_OC fHnWbLRn_fup-8oqZiD7KqaKNy2M_13Jrp3wD-ue5vFwlcjz726EiJngUwa8xQhPC ZKrHXHVahMH5hRpZQ5XUL-Sj8R4E-ifjB0CBZRwBVDEWKF7XKQ1vq04wBhOp16mrF HVgwu6vcYb2aFny4TAM12SHghIG2WM9-8Kw0pY1bCm9EcmUGu9cKaBtPN24nfDwHS mKn-jyaax0zvzz5lrXOCsakZjD6iozWmtFpbbD-hZ-VaqZ0vDsXSVM_OYkSy3SHQS X7DIEYz6JF8lm7vVlZLG82MqHaU8Pky9rwbj_jOldqaVxBcP1imMd2raUG7z94y3B eq-78Zxhq29zS4Spcx0yoo7O7lY194PjNYVbpN6jDvjI9-nZ69YlQSELAB89soodc RxDdEMf5933Je_T1tr-s6fZIr0ZqsWp8yhgEzJoA-6l_2lJE86UwUYtuavYzpVyWM F3b8kFymuMSDX0yLlEEeqdT64NfvZDgHS7QcueV5XpyHv2jYpoB57YQQpJB5l1Z-4 _hUCFcNm34qY1cgBK7NXm-dVenBuuoGc6GlbNDuGiz_RIxYRAGS1vhTbHqkvFQR8B ZulW2X6Ou6L92DFSm91x6P9gIsnSJ-a4tBfN19EKjXZShxhSB2Ie-it4uQZKm-upW G1RU4WLT9hXY8qHyHuwhTOSTPKgfeVApvPthV7HDtrq46bQhXp_ibac2Wr4-pbtnq wZVykX3B9HyWUT9py9xSUqJ0yZU0vNPuQPJxDohwRDTJXsBEIygbo1R_UMdmco8-9 0TXM0hrQDOvvwepKqHXHk1eGe3zKfff0p-zeBm1ODwTS-jtjOhicFrxQWPWXGSDvM 0V1smkDmYdHHoof_DPVud9XsT6x4xHseK3jedfYqBGfJ6Xefq23-CWsAHSFzVzxW2 ORkZDmPnSVB06h_q0xVLJ5EljX3h28UxahzQ59Jp2Ggq0wQoqBLhERaqyETe-r6nJ 1EXv531TLCDOo5vB8BTO1i-VlYSFEsJJHKjiC-7wBCtMjrAtNCokgMXzbqSsoGoCL hv6nq2zHGUJeby-zWfVhbSBX0hqIhbzEcPTRFgynnQAdFMsL03Ymb-E2QJQlsvNj6 J64Ne14Kufayn5AdkDNSx-BaG1rB6VM_w5Q_yAZaOjgKMVVC5jw5u_vn-Bsrw-tNA 6CoWIuN-i0sVGXSAauIAKYo-N82UuepHETwFXyM6yPLuzuKkh7lJZoYhM_OFWz73p hX7JWdolQ3qu1jZVVmTc0C-DkmMFQiJbqLM2ovHq3o4YLdG-ppCbSBQxYTaEM7xSa fBfgU9LruKgx1C-PsrF6I7vpPeVAJmh9n9F_Ep0i-uBdz746-JO36ECkSy9T17Exn MZcdlZ9Z5hn4EtmFHYrAZWxqYqtrICg6V4lWn1OQ-ClVsMd8-53MRdwJ397fJVRMV CPeE6au0dNJQlSWWdiTPIWya7pf65u-fh2828cvBKYbe_64LI0H88kFa6xhd8uVfQ kqj1JD_2wr0BYTO5Nf6Y4wC-9w2pbmmpiIqUyZ5D_7s-V-PVl18OwXDHVJ0DdByH0 22GVfzlFsYAV2pBR3Zei2IU6DBSdG73L8mnTxPqLvwwYszms9-wyePmp45YE3cYRf QIBbv6sqLgj_z3Sq1bSDTlsMKAxSw6F-lybyrLkPVvSEFyoUGCaLUhvFZg1y7XJD7 4H_xgWmkKbzS2saL2MMkhTwd2RdFmTojRXpZcVO-9gF9Njf85yS2TRwlDelxBOIR9 eJbv26JYqmdo_4mS3nDb37Qu5EiOCwvbElcKZBlulkqAah_3Bzm3Uiz65N2oZgK5A yOwwgnGAiTAcr7-oNzMztjdOZSI_F4Jb1T6pIusXdlDGqTfDXoWk-LYdXhkUYyr30 XunGF8PXxiAcK0uUN2h-0Nyd1NouZjuRbWy0dljs15bOR40hWeGLy2RjORJAuK9LI AE1mz4-TmbmwvnA5kfaS41GJG-Ta0O2fAMu7rU8smO8bqAEqiwuW6QGmPE-0Bj6nP yFUCIpj4-eYRb9nV-YfKPOxHDRzuSLbkkU05Egy4G1kYsQX6uxutOOtoef6GU8IQ9 Veoa-oqxIZYdWyeD71Uz21YZaTjwWuxHFZ5nLPWaGU_8-euuvsAe73ZymiHhhdiU1 q1iFneyjjH1zklLJtJMzP7hCY5nJnw3orhQKj3j29NCVjplaChKeHmgD-_tpE6yp3 vEwx_LG4qqbja337Sc46SZzlyDvxVjU3InIBNOvba302FT3IdTukgEJmUeaR1oiUv uVamUNnd4QRd4m3Xh_-cVNKD7MsMCaj44QSlvbTUsYQ5cHSxR0iTB5jH1POVNKVjJ ee1SQYXw63ut77nowFnWFGz4G-O8KknaJb151FsuHORoeV07UHXRpG0ilxUWggUFJ LKACMMlqHqlUduAe7XJPkE0r8AEor2zbjDmSXzhIGRA5u0RB-f7VPDD3i278G2qIn LLk189IBDFW8nE87wtK-P6iO2jCitPg4VKwA-DYm0ltRFw_NX6Or_hBVha9TWPB1c 4XycfZPZtdEf4mVTOu8x4iN3qLs-eMVAOASTdBTGDulRp0-WwcrlK3sG2faGax62I eTzhOMT7gQRwhUfqKQjGyXOaxDV0rxFrn3JUuDvXxBDteouP8fXsol6TQRVwyzAuJ Hallam-Baker Expires 17 April 2025 [Page 38] Internet-Draft Mesh Protocol Reference October 2024 fv3sryfv9fYjNGzcaXFnLK0tyVj0DdiEvtxqFY3pG86oYgyv3i1YpyZ16V3VjJdtl -WRUI8_8g4NxsVztA29tm8GVbQBj0onBXqZ3iER9W-5FONYcmL-QLD_wv9O2PnVf6 mN8zcNsvSBWBVVui0oM2iXAbFS8DxLlRgVJWrReBE0rwm-EepBe9ZgIhIlIoeJE6h EDHnmYQ2rzYJg016NDHfBPdpo6wGbstJcRamlzxl7HXMrjaZi2GY_iL8_kIE1sVU1 c2FQgzlLLvuG3Q2EeNTORwTPaSUH77w01fEzAeBB3VX8w62kk1JDOt46KizWbrEHW zjY0c3-wmd3aZ6awSCPHxeORbAT2sV2jJWp5i4yQ3NCP_3QElBidl5AhlwZRIsJy4 -4YXuC4EpB9QJizKBdjCzTwo8kZoCcd4LeKThFTStU32xut9hXKPZ1w8qC88Kji3s ecHF0EgVv348zsKKwaG7nApMI9h3JXLIu5JtsMwwCrvPiKn23GWLWzEBpBLI1QixF EGCo0Y3LKNmY3hOCTBZhsxYtobzGUOMSXmF3zZiPoLo3_uNgYySGg5aZ4-YhDqoXO qZNSFx9Ssga7V7p_nUY8jtBVvBnSEu9XoAlEpnoBogO6CJRlCVVUMc8vNOlzyjL9O S4DuAV9Y-xl0NY4tu_3TMOfv4iGr34isYpxQu0qCuSG4esoxvKgMxjR3RrHl_m3K5 ForwiWogupLmNc7S8ce9hPa4pYIghx6sQZZX2cvzMeWDAo3lwN7GdxHRRLYP9BOwu u-rB45NmzHDzu-rYUbtd-4VDUxgHHnDpyAOQ22g4X0MnZKeBt9KLpnQPAgelKL_R1 zjq03meI9hLdAjzG9822Mfnjl2-ADZQsIArYRutohEwnKLKGU1Ig4KfE35KPWHdy8 HAK7fmH2OmEG_6FDCtx2ws9LIks3SkviaUXLtKMco582ShcUdh_zWmTWM_oQt0psT w6WUkJT26P_fyTOKxlDfbhQPkEblBJmH__GmZJhNdHXh5nAe26O42oRxYToo9ehJ4 zgUo4jNwluDusMjSA0gFW9xUNOZ83IBnYFKQ9KqP1AUlA_eMtcXmdii-TYAnrFRfB r6R81McAiqG_KGUfGGyBdxsjv0aXIySDrNbnw5Ymc6KRdRuXtq-3sumdIcB28Hz29 Pcea0iz2T9Jy_EhawYpRTQR4xxWspboa73_tzq20Pup4R-CMw2GOHSGZ-Hx9HBYb0 LUtxFt9dVdKTMliCftcqmyv04DYW3hL2_zRhpxlLJrRjfesdjOGZ7jJe4-mnA29z6 jy31eDKDg0_Xk7sY6IvLR-hItxbR1reOFwwb1Q8tL_AVKLd5S32TPlVP_9eePWZmM oJCGFo9LStcMDAakcoEgFwYWksMAn0ZsnEuXbMa8yrfHE3eoy7tdvL7EroMzDlWHh ZHdLcIFg3R3OnCwVlcvLuL4AcbUqSy_RHdyX65GvprGLlWazHXEXuKbTXz7k6cvy9 osfPp06EpDkaQ1byT6gWz6axdAABC7g8IGj2TtJScq6BcpWA4niq1TIKSjvE-iNFJ UeXbYSiv_ne8HKYp4KP2hW_XrAc3Uev7ZclQW1PFLU_XtDBZMFMtsVNpZJFmbt-s7 u4dhuDqCsg9a4EOJ1-VdDZC5FVrweUhon-yB9t3o5gX-NtULnmLjij_jCfM7oE6sT zD7CwY-4Oh1ojSf4uGVnCeP-NVObDc8zZHNROl61Hj4Bm7cPbvWrO0ARBJCmbLSCC A26E0wsJR1f6MUyD6c896nvVfvNb9UJOoH4uGPPkiVCPLtorYAAaz7Hcw9RlFI25S LQ8jSA82SwkAAQ2EnFNclvBdRne2KDL9NaDGgLSUTXpohbWvCP_zUBrtdZ6JEz0ps kSfvmQ4JiNQ-1az5wseY909W-TgpN2apMpsWVxdWcN0uCcmVkotVtrd2r2XV3tFkW hfrsTlvCFe9yvD129lhV9Ga4xLmuIhpeBPbLglxwc9VVbuRRhyygv1HT2JObgEBhW KctXsVFxPYx71_5Souu24GvR232wFEFsIs8WiQQXywI5NiLS46BAUbKvpZZiNmbbi 9nf_6wUyIBmFAQ4HZwpnYSGBS-BdIHMLzDXQmkgYnP6HHExMi7tSyNIlfKXyrmOad hla9cN0ifguz3LGn4l-tgmmYEhEAnXhAfWKC-qD-2Q_eooulcDlu3BRK1gxUUNHOc TO3YGufUml4mh1ZTbxVK0fxC6Iri_kK8Vla9azm8P_7elpij2sdl6qTAKSoZjeBwq I0lTqSDtDzllV6IiyoL7n736rD3gCgYnq1nHu6SKdUV8cxs7TmrgmgOFuxffeiZBn 305qAhF1WQe_8bFEnNkXhTHD_maGgnwSlqsKt7iD6u5ieqjIpId9uh5mXtu0IjQaa R3PaqZ-9kR_XBaYJ1FNHi4V1-XyWEBsrGHWGKFxsqGZTPlQB4HEo9i2pFmbpdMWVV YMJasNtmVx7JIUlkgNMxFuyeZdyti1tU9PFRcMVxQ_XQdzqFKq_u_8d2fSH9ViK7y Rnkbs4ExvhpP95JOGydnPqyZbX3X61zlLI630RYn9Oeqv70OORyXsZxw_9exIxQRz pjN0-Vyu0KSt_X9FChUnKOu2teU2zX1795inRvXz_dT7X6854ZA0XyLSEc4h0tWC2 SAAbCE1PJ9RJeQoaMTUiYLoHieYj5A88mYWXkHyrYplpEtn7_uMZK1bff7gBkx7o_ E5t0mBgFcsl1WKUTi_vkHS8_ImzY3f4GLhXZ__9ZQLPOrieTDsuU6T__gCAfLTyek ewuLq3Xr7iLWdXLvqVjzf-NeakDQMQ_hGvxWL5A2a1bSwJ5Hz74emXWNiC45h8yIe l1YLTJxA_-d15iD80Tu17Wgxv8lR7we25olxBICkVxDkjZNAGTpPuc4zMNJReDKdE l4g3QB_Ke8uaSxJaladJceoTo_Vu_qzVcKZRONkkBeHWEv-kicB79XRJ10TI4VG2a wVR5YwAGqPZWLJwvHvfNdELY4z9ayL4eo8EtmBQw7FcrPKy9m5pUPTkuEZfgc-aEi vQvWGpJgsB5VWcTMvju4l5rasGwVno7MqBkcsFzDoj-q-QFzYxu2CF2zsjflwsQoq Hallam-Baker Expires 17 April 2025 [Page 39] Internet-Draft Mesh Protocol Reference October 2024 ch2sB_N6r4Xod_xvhcv2-tpGo7zXiCJnmonMaZ5gru51a2_cRozVKYWnwXs9nTQWM lGCOKmz7ZGG9V9ocFsSYFyHygGZ1PxDAlbsepAZCVjSMUsDsz-2G-DaPg_Pe3W3Yv zZd5B7zEohBfLmTDClH3ZS_d2Yo2Zmi51tJuZ2vZRpjOC3a-WgCGURR1F5vCHxRw- 5Im22na_ekwAhqLWyoTYXilE3kpbkRXFPJ6TYOLb3vpFOBl0azqUVyNNI", {} ], "Status":201, "StatusDescription":"Operation completed successfully"}} 6.5. Publication [Future: Consider eliminating this mechanism entirely and instead using messaging flows. The means of achieving this should become better apparent when the problem of publishing large messages via a pull mechanism is considered.] The Publication mechanism allows content to be published through a Mesh Account and retrieved by means of the EARL mechanism described in Uniform Data Fingerprint [draft-hallambaker-mesh-udf]. This mechanism is used in certain flows supported by the Mesh Device Connection and Contact Exchange functions. There are two operations: Claim Post a claim to a published document PollClaim Check to see if a claim has been posted. Content is published by appending an entry to an account's Publication catalog by means of a Transact operation. The content may then be retrieved by issuing a claim to the account specifying the publication identifier that is authenticated under the value specified in the EARL. Use of the Publication catalog to post content necessarily requires that the content be smaller than the maximum message size imposed by the Mesh Service so that it can be uploaded to the service by means of a Transact transaction. Publication of large data items will require modification of the protocol to support use of a detached message body. Transfer of a detached message body is outside the scope of this document. 6.5.1. Claim Transaction The claim transaction is used to post a claim to a document published by means of an EARL. The claim interaction is used in the Static QR Code connection interaction but MAY be used for other purposes as required by Mesh applications. Hallam-Baker Expires 17 April 2025 [Page 40] Internet-Draft Mesh Protocol Reference October 2024 A claim is made by sending a ClaimRequest message to the service to which the publication is posted. The service responds with a ClaimRespose message specifying the success or failure of the claim. A device is preconfigured during manufacture and a Device Description published to the EARL: The client claiming the publication creates a claim message specifying the resource being claimed and the address of the Mesh account making the claim. { "MessageClaim":{ "PublicationId":"EBQJ-VQU2-NBCP-XCDF-PFWE-J5H4-BR26", "ServiceAuthenticate":"AAF3-24BG-U75Y-3GT3-K6NG-KXWE-QCWA", "DeviceAuthenticate":"AD7A-4KSW-37QZ-JGT7-SKGV-KZH2-36C3", "MessageId":"NB4P-XQDR-JVO4-MD6R-47BZ-G6ED-J543", "Sender":"alice@example.com", "Recipient":"maker@example.com"}} The message is signed by the claimant to make a RequestClaim to the service: Hallam-Baker Expires 17 April 2025 [Page 41] Internet-Draft Mesh Protocol Reference October 2024 { "ClaimRequest":{ "EnvelopedMessageClaim":[{ "EnvelopeId":"MCET-4P2O-3PEK-4PCH-7HGM-N5RL-M36D", "ContentMetaData":"ewogICJVbmlxdWVJZCI6ICJOQjRQLVhRRFItSl ZPNC1NRDZSLTQ3QlotRzZFRC1KNTQzIiwKICAiTWVzc2FnZVR5cGUiOiAiTWVzc2F nZUNsYWltIiwKICAiY3R5IjogImFwcGxpY2F0aW9uL21tbS9vYmplY3QiLAogICJD cmVhdGVkIjogIjIwMjQtMTAtMTRUMTM6MTA6NThaIn0", "dig":"S512"}, "ewogICJNZXNzYWdlQ2xhaW0iOiB7CiAgICAiUHVibGljYXRpb25JZCI6IC JFQlFKLVZRVTItTkJDUC1YQ0RGLVBGV0UtSjVINC1CUjI2IiwKICAgICJTZXJ2aWN lQXV0aGVudGljYXRlIjogIkFBRjMtMjRCRy1VNzVZLTNHVDMtSzZORy1LWFdFLVFD V0EiLAogICAgIkRldmljZUF1dGhlbnRpY2F0ZSI6ICJBRDdBLTRLU1ctMzdRWi1KR 1Q3LVNLR1YtS1pIMi0zNkMzIiwKICAgICJNZXNzYWdlSWQiOiAiTkI0UC1YUURSLU pWTzQtTUQ2Ui00N0JaLUc2RUQtSjU0MyIsCiAgICAiU2VuZGVyIjogImFsaWNlQGV 4YW1wbGUuY29tIiwKICAgICJSZWNpcGllbnQiOiAibWFrZXJAZXhhbXBsZS5jb20i fX0", { "signatures":[{ "alg":"ED448", "kid":"MDNT-WT3G-346G-4I5T-YV7F-LTQX-PSNT", "signature":"z03VvboD_IvshEuYEuRalFRGERvq1vHOJIWJzPNU gwLURsGLxxtfjE_1JtNWYe8kndOhVJo9_46A_Vx2DiAZ4ngzzYXoSpqAFgz7Ejqd5 s1B7K1ehk5ToIK0oYOGoQ--npioQHEccyfUrQalwe76zx4A"} ], "PayloadDigest":"aobSWyLEGCMF0JbRdOst2LQPvpXI3ZVd45r3sjaV uO0FwMNtiiCGmjArENV3rVarWEAwLGBVYhVnpqw-S43pXw"} ]}} The publication is found and the claim is accepted, the publication is returned in the response. { "ClaimResponse":{ "CatalogedPublication":{ "Id":"EBQJ-VQU2-NBCP-XCDF-PFWE-J5H4-BR26", "Authenticator":"ECMR-LTTI-XRTX-EXOY-K7U4-WHBZ-B6RQ-EECF-S44N -ZACS-OPFF-73UN-WOHB-U", "EnvelopedData":[{ "enc":"A256CBC", "kid":"EBQL-OM6D-RFHG-GGS3-DROH-6PLS-MU3G", "Salt":"Y5tvWUmCqp4z2DDdAWa_tw", "recipients":[{ "kid":"EBQJ-VQU2-NBCP-XCDF-PFWE-J5H4-BR26", "wmk":"YfJu1nJPXW1hRH7eDes_N9LMAXai-3hjO9uUKvFpC2MY vZQllFjIhw"} ]}, "6HQDAIDsWjnl6nkYcLwyXpNcxXCgsEq1S9E9M2FiLYImPgefjo4baMQL Hallam-Baker Expires 17 April 2025 [Page 42] Internet-Draft Mesh Protocol Reference October 2024 fQWa_Al9yjHLNSziOPidvQ-tpk-PmhrtwzAC4-9FC7AHPyicqzTk3dtsRLigqi9mL VW02h1zrJnTR8sHkt_WO4_FrmkqLHeTsZlqXm9No78UINGHt_ntffBd2NPwfiejkV l6X5DA_CxwPZdFS3cOUORyJjgMCKcrbast50u2rGieT9nBCGAxqMffwK5T35eRGKS OLh-92hXRF0K6yM1RBkXCTpCFdz807NnJPXiY1kwPwjptPVwTNsTgAXMl-IqGuaM5 Qglj4thR-OnQgDui_T51VAKBaICGjYbsGsq9XfJlrrQf9VJIVQ42C3REPaE1a07wI USLrjKxEgT9K13Y9BrP47rI43Z-75rC60C0nA5gzFQSlOtRt8LdcN_sX-JN_maY7M hZCVYdehKxUgAUqCt5MHuliQA4atczYIyDbUy2o31xj5vUtL0cX7MSIDu3F26P3w0 jVwDeNW1HfCs33_kqQHzLATr6vTwsgFkwhrq_DGbkJhGAiZjGfG-9s4CEckUUByDr Qu-umCAsnIWHPeLywTFiOtE9t7oPD_C1oIzf0MG0Jxl4CCS23X59lIrQzba1a7tXs 6oCJtSsPqLVdIHzOW0pK96725VLPnBHwo2DcjM4aWHLqr1dk5WGrSNBgeT_y6hH2y pE6xfeh57oTxCX8S0ThzKrm7nnVWVxBKE9YEyWJExEBqJEbiTeQqk0RwhLcgb1ECN DHuwIe9FWwfJOltyI1bja65EzBKiJrHLF1mjJEZIlTfLzzH-49Mf4zO9N6pdO_MmG VJJw_WvZZ-aBHoGLtP6SLLbAFPizSX_-io_eqIzmAnDLVZUJXNpHpUad87tX7gSJj J4J83E9vD1sA9BYzwRZiX6aRpaUxn-8Q2Af9Po4_mOjZPMtwwWrk883Wpz23WiIxf pVOPVazd95pqCdrQXLRQbTE-xa8ZI5uPz3vtNdiNy5I7gMYzANoU764CAWjVap8Fi dQBlALt2rEJ6fG87ulmYcmP-D3aeh9Cs-0r3mBlNWZnlf7y7yjfKRGmQRC6QyPToL kdg6bXAxpf7Mxao28VCcClTKsdr5IxknIZiarsi6lqOgYvYS2hbC2fnuSU6cRRAUH 7EIVS--7nDLYtDAZAoS1ZEkAbc4R6Qq5LeDTbW3I9UwjhY5d0wKeQh_6MBzU4wUAV 2kLDaOFId5PEYJMXdo2OwKTv6IGMEx7umcM0TReGp8-uqElp2Fp7VZGzzeCI4g0_C FsO3aY_uyHBYLZq9JiHgDG7decs0YxOzHmpiYaMqgCNkfJNTsbJ1sCUdTXabUM5Tp JB2UO6uetpl_oOoA-vKGcQMnzMIh2S-mm2NsVkZktDinBjnwb_X3EyPVBUybKj8RC K4RN5clEXb7l-ddQqIxNZlxUd5o3XyICYMGSPvq9DiXktnpnH9bQDhHrdB4_r_3u3 XENxlytln3p5Cwk37pJyQTYGknmLtmyNFGWo_RVUZCivnT5OEgkUm1FkTdH9xZ_WF JwEs7Yxt9pRQQKFj2AtcB0DqeGtOvJc1eg1z51xe-Le8tkBlQzz4XS58HDrNnrlw9 QSaoUCEP2sO_8M2SgCNBkeFQO0EAf0pdAClJUy52xyTqSJo_FsjJkE0h1wnSxxFd4 SMRiGpbpGh1VxzrWgM_3txrjk8Sp7OQqzN3kquc2OS86PuZfDOBEsq_-gr2pLNGGH xxZ4EW82TUgynRBohITHmYwGfisUx0YWtWR2ZhlS-KyvFaNCE6hdN2BwOtdsfouOO xjjOZfwiOxFx0MMkN2WSoocXxS1HudynfI23J5FWfJRhWpsDXfcOznZ2kAB014Kj5 MF42ZusxrHlRTnHQG3OmfcW6NnoyjOPXjiGk-CgHVI-P2xZi77xbr9okZlW7QmNvE ZZtgYZosLWc9QdLEnR17S8hScjgDC06ByRvVHKocSs-CdwtjfjXBAXitJRkNryzPr NOaYMLGhrMLeMA1X3eVfyB0zEyN6rEndnNwquqzevvV-J-p6hfuVVAkEK1ya7Suo_ j_vDOXtuX2mBr0l0DkkdgYlJcrLX7Slb6G40vVDZPmd2aQbB3ZGExTEL9Zlczp7T5 2fuK75lnbn9Osd50BnuSZ_LBGmpDNp2IxPqz7nel7wMEZW0zEyw_RAGqrzWLasi4t GovT0VNI4oc-h46I6e09eY83RoUwVNfgy9WSCR2Fb1fubqURgTkoOdptFAVy2Efel gRaWoaSnnz8xo8Pt2JAb1zRiWDgBrICe4QelPRlokNrAORCMBL2_GgWd_gv9h5Hrl gumJOmUiae8Iar7Gh08VzlYwk5JqA3xX6ooy2rnTKTJjKb9UdeApxooHvMnwxdnK9 A9LT5vbKYIQEcyOm6A3pcesJIUy5CF9fHsOvh-tS4Hg86xRoq1O6UEInwAJ7P5l5s 9Yh9Ge6EIq7JoffWFADCD0TN2MqrACBDdsbblE2TeC5nRJqKvGRv35j0PUVxCozb5 tEpj__CbXzJs4PrtCeu96npz6JTXesUIYNuvQD-7MkHjuAI7A-P4KrER14mjfftwi G6TlF9CMAhCTmDcFg21g7xtk_Ku6CA_diXU7dcjHyXzy0nECoTPzyJYBkoy22RLpu K65JbMR8cpDjB5hyYkiuDtVGRGcGpWWdq0qJPaXwIl2rmEHnjzzOyKovXFJyzEhmY m5jYwHbRhtBAUl3zZ5A5xHKi05OyDeiOESC7gJaISHPi0cWxIRc7hZ0VZ0n2asMi2 kW5ddh4MyLSD4qIwgCB5QC8CdTOoG2mM4PLgmJ1bLhi7Wkr7ndAPD4TA5FyPUD8L8 LjolfOQWwJfSe6UknbDYcRnUHVRp689OwzIPMHV00fxkK7ZCbL-Kcg8ea9oaZ-s5v _mkv7KMCed3B7V38FokYxuw1dVZODgxthk2nahCZ-cxAkgqgPDIuTrITIeqeykJiF UZRAldM_781GmMr-p_8HS25QVht" ]}, "Status":201, Hallam-Baker Expires 17 April 2025 [Page 43] Internet-Draft Mesh Protocol Reference October 2024 "StatusDescription":"Operation completed successfully"}} The device waiting to be connected uses the PollClaim transaction to receive notification of a claim having been posted. 6.5.2. PollClaim Transaction The PollClaim transaction is used to discover if a claim has been posted to a published document. When an authenticated, authorized request is made, the service responds with the latest claim posted to the publication. The device in the example above periodically polls the service to which the device description is published to find if a claim has been registered. The PollClaimRequest contains the account to which the document is published and the publication ID: { "PollClaimRequest":{ "PublicationId":"EBQJ-VQU2-NBCP-XCDF-PFWE-J5H4-BR26", "TargetAccountAddress":"maker@example.com"}} The response returns the latest claim made as signed message: Hallam-Baker Expires 17 April 2025 [Page 44] Internet-Draft Mesh Protocol Reference October 2024 { "PollClaimResponse":{ "EnvelopedMessage":[{ "EnvelopeId":"MDNB-MBUA-NUS2-B7D3-6FIZ-OAPG-D4L5", "ContentMetaData":"ewogICJVbmlxdWVJZCI6ICJOQjRQLVhRRFItSl ZPNC1NRDZSLTQ3QlotRzZFRC1KNTQzIiwKICAiTWVzc2FnZVR5cGUiOiAiTWVzc2F nZUNsYWltIiwKICAiY3R5IjogImFwcGxpY2F0aW9uL21tbS9vYmplY3QiLAogICJD cmVhdGVkIjogIjIwMjQtMTAtMTRUMTM6MTA6NThaIn0", "SequenceInfo":{ "Index":1, "TreePosition":0}, "Received":"2024-10-14T13:10:58Z", "signatures":[{ "alg":"ED448", "kid":"MDNT-WT3G-346G-4I5T-YV7F-LTQX-PSNT", "signature":"z03VvboD_IvshEuYEuRalFRGERvq1vHOJIWJzPNU gwLURsGLxxtfjE_1JtNWYe8kndOhVJo9_46A_Vx2DiAZ4ngzzYXoSpqAFgz7Ejqd5 s1B7K1ehk5ToIK0oYOGoQ--npioQHEccyfUrQalwe76zx4A"} ], "PayloadDigest":"aobSWyLEGCMF0JbRdOst2LQPvpXI3ZVd45r3sjaV uO0FwMNtiiCGmjArENV3rVarWEAwLGBVYhVnpqw-S43pXw", "dig":"S512"}, "ewogICJNZXNzYWdlQ2xhaW0iOiB7CiAgICAiUHVibGljYXRpb25JZCI6IC JFQlFKLVZRVTItTkJDUC1YQ0RGLVBGV0UtSjVINC1CUjI2IiwKICAgICJTZXJ2aWN lQXV0aGVudGljYXRlIjogIkFBRjMtMjRCRy1VNzVZLTNHVDMtSzZORy1LWFdFLVFD V0EiLAogICAgIkRldmljZUF1dGhlbnRpY2F0ZSI6ICJBRDdBLTRLU1ctMzdRWi1KR 1Q3LVNLR1YtS1pIMi0zNkMzIiwKICAgICJNZXNzYWdlSWQiOiAiTkI0UC1YUURSLU pWTzQtTUQ2Ui00N0JaLUc2RUQtSjU0MyIsCiAgICAiU2VuZGVyIjogImFsaWNlQGV 4YW1wbGUuY29tIiwKICAgICJSZWNpcGllbnQiOiAibWFrZXJAZXhhbXBsZS5jb20i fX0", {} ], "Status":201, "StatusDescription":"Operation completed successfully"}} 6.6. Cryptographic The Operate transaction is used to perform one or more cryptographic operations using private key material recorded in the Threshold Catalog. Such operations typically represent one part of a threshold key operation divided between the service and a device connected to an account. As with all operations involving the Access catalog, the request MUST meet the authentication criteria specified by the catalog entry. These typically include the request being authenticated by a specific key.Key Agreement Hallam-Baker Expires 17 April 2025 [Page 45] Internet-Draft Mesh Protocol Reference October 2024 CryptographicOperationKeyAgreement is used to request a threshold key agreement operation on a specified public key. Alice added Bob to groupw@example.com as a member. This resulted in Bob receiving the invitation described in section ??? and the following access entry being added to the Access catalog of the group account: { "CatalogedAccess":{ "Capability":{ "CapabilityDecryptServiced":{ "GranteeUdf":"bob@example.com", "EnvelopedKeyShare":[{ "enc":"A256CBC", "kid":"EBQH-2PZ5-HTKM-HC3Y-N6YT-VQ3A-ZZCR", "Salt":"H00N80phHkIfP95CI5ZlZw", "recipients":[{ "kid":"MDET-26NB-5GRV-JOWD-HJ6D-6WUN-JLWE", "epk":{ "PublicKeyECDH":{ "crv":"X448", "Public":"MDbm9mOsQDWbtNQahw0CnoIFuZpoVsj8gtZ 8F-yN11ioJnoxCz9S_v_mIDFOWiZAqy0a5I3YTjOA"}}, "wmk":"p2KrCgM3HliVXkJLugonLHpT8ZPxxBWm1jZxOOWkBp 8uxIAXFySoeA"} ], "ContentMetaData":"ewogICJNZXNzYWdlVHlwZSI6ICJLZXlEYX RhIiwKICAiY3R5IjogImFwcGxpY2F0aW9uL21tbS9vYmplY3QiLAogICJDcmVhdGV kIjogIjIwMjQtMTAtMTRUMTM6MTA6NTVaIn0"}, "wsXytUHUeYC6ko5uTPalgTsmTG1car6vZIbVPUcbgS81xAawr1wwAr ytRIJE2Ji3FbY4pQA8RRdzBAuxAbSTZIIvsCic3nYQ8wuxyX3JWkUPtuHj-5G4R3W o2TVHS2BQUywYgnCHOcfTaPLr2O1arDQ3fo401dYeJtFSPiOexmwjsghD_KXILmBA tUTZnp6UPI0yQd90Qmxs6QonkHgYwY8pmCoLJxebyf80C0teU4u5O8I1t0Nxlw1oH 8Z6zgB-0K8u8lmf0h0IwxZRLnGjMAivV8D1n9SIYMZEnYzpItXu5zxf8z_RV15GO5 d9qy3SRtPOlGSZXI3Xn_CRk9dt6jUbpGl-NCbqXAweA71x1dgTMXcDozHbL0UQhHH ZZlq8crxgfGAGr1PBHFc8Wg4yDxU_JLzwz3V2r7RnnMXfJsgE2-F-SZVYTtpZQ5LW DiuEMF5UR6wxz7cdd4hY-z2CjoydhrWmBBOCGgn7wwzd6XkvMg02trFAYM63psNr1 YWh8qvI1rtx1h8DVKErp-2w2x64Hc1Tf7gW7eExGoFHG8nIWfEpJ28arPLoD0Z2tE 5xAZ6UmlY3zYjU_rTmf62qhjNVdag5qu_YPilWHlD4oHvGh67e04QUOnzLR-UoScy BSdF1u6_HxenHJ46NV4mbzmZV2KvQw9Y7aMDLeR3gufmRR2Tr9nuKhQnO3zWSE68p VXIRxz5rVmo_fYtg3PrcdQ" ], "Id":"MBNJ-RWYE-WXIY-ETHX-RIVA-RKHM-Q7QC", "Active":true}}}} The private key (in this case a key share) is encrypted under the service key. Hallam-Baker Expires 17 April 2025 [Page 46] Internet-Draft Mesh Protocol Reference October 2024 To make use of the access entry, a request is made that specifies the key share to be operated on and the public key parameters to perform the agreement with. The request payload: { "OperateRequest":{ "AccountAddress":"groupw@example.com", "Operations":[{ "CryptographicOperationKeyAgreement":{ "PublicKey":{ "PublicKeyECDH":{ "crv":"X448", "Public":"ZoSHmhH63m5wJqoaS3V0-B3KN2WL29IsJWdRDyIaT -glv5ZhlHZq0gN0_qWhpYt8yZYm0St0P9aA"}}, "KeyId":"MBNJ-RWYE-WXIY-ETHX-RIVA-RKHM-Q7QC"}} ]}} The service checks to see if the request is authorized and if so, performs the operation and returns the result: { "OperateResponse":{ "Results":[{ "CryptographicResultKeyAgreement":{ "KeyAgreement":{ "KeyAgreementECDH":{ "Curve":"X448", "Result":"9iLvBSWGWu_iAvqdLxB8D-0yNFhNDe8it5FMZ4J7Q w6y25Z_oP4GTB9mxMucGukzeF0V0HiQeU4A"}}}} ], "Status":201, "StatusDescription":"Operation completed successfully"}} *Future*: Currently, the access catalog is encrypted under the service encryption key. It would be better to encrypt the catalog under an encryption key specified by the service during the process of account binding. This would allow a service to assign a unique encryption key to each account and limit access to that key to the hosts servicing that specific account. 6.6.1. Generate Key Shares Generation of threshold key shares is planned but not currently supported. Hallam-Baker Expires 17 April 2025 [Page 47] Internet-Draft Mesh Protocol Reference October 2024 6.6.2. Threshold Sign Threshold signature is planned but not currently supported. 6.7. Messaging Mesh Messaging is an asynchronous messaging service that allows exchange of information between devices connected to a Mesh account and between Mesh users. To enable effective abuse mitigation, Mesh Messaging enforces a four- corner communication model in which all outbound and inbound messages pass through a Mesh Service which accredits and authorizes the messages on the user's behalf. (Artwork only available as svg: see https://www.ietf.org/archive/id/ draft-hallambaker-mesh-protocol-16.html) Figure 2: The Mesh Four Corner Messaging Model The Post transaction is only used to exchange messages between services. The client sends and receives messages through interactions with the outbound and inbound spools of the account. 6.7.1. Sender. To send a message, the client creates the Mesh Message structure, encapsulates it in a DARE Message and appends the message to the Outbound spool of the account using the Transact operation.. The DARE Message MUST be signed under the account signature key. The Mesh Service receiving the message from the user's device MAY attempt immediate retransmission or queue it to be sent at a future time. Mesh Services SHOULD forward messages without undue delay. 6.7.2. Outbound Service The Post transaction forwarding the message to the destination service carries the same payload as the original request but is authenticated by the service forwarding it. This authentication MAY be my means of either profile or ticket authentication. >>>> Unfinished ProtocolPostServiceService [Not Yet Implemented] Hallam-Baker Expires 17 April 2025 [Page 48] Internet-Draft Mesh Protocol Reference October 2024 After the message has been sent, the service updates the message status on the outbound spool. Services SHOULD implement Denial of Service mitigation strategies including limiting the maximum time taken to complete a transaction and refusing connections from clients that engage in patterns of behavior consistent with abuse. The limitation in message size allows Mesh Services to aggressively time out connections that take too long to complete a transaction. A Mesh Service that hosted on a 10Mb/s link should be able to transfer 20 messages a second. If the service is taking more than 5 seconds to complete a transaction, either the source or the destination service is overloaded or the message itself is an attack. Imposing hard constraints on Mesh Service performance requires deployments to scale and apply resources appropriately. If a service is attempting to transfer 100 messages simultaneously and 40% are taking 4 seconds or more, this indicates that the number of simultaneous transfers being attempted should be reduced. Contrawise, if 90% are completed in less than a second, the number of threads allocated to sending outbound messages might be increased. 6.7.3. Inbound Service The inbound service MUST subject inbound messages to Access Control according to the credentials presented in the DARE Message payload. After verifying the signature and checking that the key is properly accredited in accordance with site policy, the service applies authorization controls taking account of: * The accreditation of the sender * The accreditation of the transmitting Service * The type of Mesh Message being sent * User policy as specified in their Contact Catalog * Site policy. 6.7.4. Recipient Messages are received by synchronizing the outbound spool. Hallam-Baker Expires 17 April 2025 [Page 49] Internet-Draft Mesh Protocol Reference October 2024 7. Access Control [This section to be expanded in future drafts] Access control is effected through the usual division of authentication and authorization. Authentication of operation requests is performed by the RUD layer [draft-hallambaker-mesh-rud] . 7.1. Direct authorization Any request authenticated under the profile authentication key is authorized to perform any account operation without restriction. 7.2. Access Catalog authentication If the authentication key presented has a matching Access Catalog entry, the device is authorized to perform operations as specified in that entry. 8. Message Interactions Message interactions are asynchronous interactions that occur between devices connected to the same account or between accounts. All messages are signed by the sender and encrypted under the encryption key of the recipient if this is known to the sender. 8.1. Message PIN Interaction The Message PIN Interaction is used to register and validate PIN codes used to authenticate certain transactions. This interaction allows a PIN code issued by one device to be consumed by another allowing for greater convenience in managing devices or contact exchange. For example, Alice might delegate the PIN code issue privilege to her mobile device without delegating the administration privilege to that device. This would allow Alice to use her mobile device to initiate the connection of a large number of devices to her Mesh as her house is being built and approve them later using her administrative device. Use of the Message PIN interaction is optional. An application that issues a PIN code to authenticate a message MAY store the PIN value within the application without persisting it to external storage. Hallam-Baker Expires 17 April 2025 [Page 50] Internet-Draft Mesh Protocol Reference October 2024 Derivation of the SaltedPin, MessageId and Witness values from their respective inputs is described in the Schema Reference [draft-hallambaker-mesh-schema]. 8.1.1. Registration To register a PIN code to an Account, a device: * Generates the PIN code value * Calculates the SaltedPin value for the specified Action * Calculates the PinId binding the specified SaltedPinto the Account. * Creates and signs MessagePin containing the SaltedPin, Action and Account values with the MessageId value PinId. * Appends the MessagePinvalue to the Administration Spool of the Account. Note that this construction provides limited protection against forgery attacks by a party with access to the MessagePin. A party with such access can use it to construct the witness value required to authenticate a request. PIN Code values consist of an opaque sequence of octets represented as a UDF nonce value. Codes are presented in canonical UDF form, i.e. Base32 encoding separated into groups of 4 characters. The PIN value is converted to binary form for calculation of the SaltedPin, thus ensuring that the canonical form of the PIN value is used. 8.1.2. Authentication The PIN Code value is passed out of band to a user who will enter it into a device to authenticate a request made to the issuer. A request that MAY be validated by means of a PIN is a subclass of MessagePinValidated and contains the following fields: AuthenticatedData A DARE Envelope containing the data that is authenticated. ClientNonce A nonce value used to prevent certain replay attacks. PinId Digest value binding the SaltedPinto the Account. PinWitness Witness value calculated as KDF (Device.UDF + Hallam-Baker Expires 17 April 2025 [Page 51] Internet-Draft Mesh Protocol Reference October 2024 AccountAddress, ClientNonce) The device uses the PIN code and Action identifier corresponding to the desired request to calculate the SaltedPin value in the same manner as during registration. This value is then used to calculate the PinId and PinWitness values. 8.1.3. Validation The PIN code is validated by performing the steps of: * Calculating the SaltedPin value from the PIN code and Action * Calculating PinId from SaltedPin and Account * Retrieving a MessagePin from the Administration spool with the MessageId PinId. * Calculating the PinWitness value from SaltedPin, ClientNonce and AuthenticatedData and checking this matches the value specified in the message. * Performing the requested action. * Posting a Complete message to the Administration Spool of the Account marking the PIN code as used. This process can fail at multiple points resulting in different error results: PinInvalid No PIN code is specified, the Pin code indicates an unsupported algorithm or the calculated PinWitness does not match the one specified by the request. PinUsed The PIN code has been used previously. PinExpired The PIN code is no longer valid. Note that in the case that an attempt is made to reuse a PIN, it is not automatically the case that the first use of the PIN was the one that was valid and only the second attempt was invalid. Implementations SHOULD alert the user to the attempted re-use so that this possibility can be considered and appropriate action taken. 8.1.4. Example Alice connects a device using a QR code presented by her administrative device. Hallam-Baker Expires 17 April 2025 [Page 52] Internet-Draft Mesh Protocol Reference October 2024 The administration device creates a PIN code and records it to the Local spool. The message specifies the salted pin value used to verify attempts to use the PIN, the action for which it is authorized. Since this PIN has been issued to authorize a device connection, the roles for which the device are authorized as well. This allows the connection request to be accepted without asking for further input from the user. { "MessagePin":{ "Account":"alice@example.com", "Expires":"2024-10-15T13:10:56Z", "Automatic":true, "SaltedPin":"ABYY-PTS3-HOUO-E3VH-TOCJ-GFJI-XPHS", "Action":"Device", "Roles":["threshold" ], "MessageId":"AAKU-MJKW-GRDS-S3ZI-DONH-D6US-4REW"}} 8.2. Completion Interaction Completion messages are dummy messages that are added to a Mesh Spool to mark a change the status of messages previously posted. Any message that is in the inbound spool and has not been erased or redacted MAY be marked as read, unread or deleted. Any message in the outbound spool MAY be marked as sent, received or deleted. Services MAY erase or redact messages in accordance with local site policy. Since messages are not removed from the spool on being marked deleted, they may be undeleted by marking them as read or unread. Marking a message deleted MAY make it more likely that the message will be removed if the sequence is subsequently purged. After using the PIN code to authenticate connection of a device in the previous example, the corresponding MessagePin is marked as having been used by appending a completion message to the Local spool. { "MessageComplete":{ "References":[{ "MessageId":"AAKU-MJKW-GRDS-S3ZI-DONH-D6US-4REW", "ResponseId":"MDDD-KNM4-KUZH-QVC4-KWLI-5NBW-T54I", "Relationship":"Closed"} ], "MessageId":"NARB-QXHR-HQFR-PCAS-D3L6-YGJX-LXCL"}} Hallam-Baker Expires 17 April 2025 [Page 53] Internet-Draft Mesh Protocol Reference October 2024 The completion message is added to the spool in the same upload transaction that adds the device to the device catalog. This ensures that both operations occur or neither occurs. 8.3. Contact Exchange Interaction The contact exchange interaction is used to support unilateral or mutual exchange of contact information. Contact exchange has three functions in the Mesh: * To exchange public key information to allow encryption of messages sent to and verification of signatures on messages sent from the contact subject. * To exchange contact information allowing use of other communication protocols (e.g. telephone, SMS, xmpp, SMTP, OpenPGP, S/MIME, etc). * To request that the recipient grant privileges to accept certain types of messages from the contact subject. Registration of the subject's contact information in a registry service eliminates the need for the first of these functions but not the other two. To prevent abuse, every Mesh Message is subject to access control and a Mesh service will only accept a message from a sender if there is an entry in the Threshold Catalog of the account that expressly permits delivery of messages of the specified type that are authenticated by an authorized signature key. The communication of unsolicited information afforded by the contact exchange interaction is deliberately limited so that a majority of users can accept contact exchange requests without prior authorization. It is however likely that some users will receive a considerable volume of requests forcing them to require contact requests be authorized through some form of third party accreditation. 8.3.1. Remote The Remote Contact Exchange transaction consists of a sequence of MessageContact messages sent from the initiator to the responder, responder to the initiator, etc. While there is in principle no limit on the number of messages exchanged, most exchanges will be completed in three exchanges or less: Initiator to Responder Contains Initiator contact data without authentication context from the exchange. Hallam-Baker Expires 17 April 2025 [Page 54] Internet-Draft Mesh Protocol Reference October 2024 Responder to Initiator (optional) Contains Responder contact data authenticated under a PIN challenge presented in the previous message. Initiator to Responder (optional) Contains Initiator contact data authenticated under a PIN challenge presented in the previous message. Each message provides the recipient with additional information which MAY motivate the recipient to provide additional contact information to the sender. { "MessageContact":{ "Reply":true, "Subject":"alice@example.com", "PIN":"AB3A-ETHW-4RGL-GEYG-KEAP-TLEM-UKDQ", "AuthenticatedData":[{ "ContentMetaData":"ewogICJNZXNzYWdlVHlwZSI6ICJDb250YWN0UG Vyc29uIiwKICAiY3R5IjogImFwcGxpY2F0aW9uL21tbS9vYmplY3QiLAogICJDcmV hdGVkIjogIjIwMjQtMTAtMTRUMTM6MTA6NDlaIn0", "dig":"S512"}, "ewogICJDb250YWN0UGVyc29uIjogewogICAgIkNvbW1vbk5hbWVzIjogW2 51bGxdLAogICAgIkFuY2hvcnMiOiBbewogICAgICAgICJVZGYiOiAiTUJRTS1NUkF TLVRCRUMtT09MTS1OUFFZLVhGN08tS1FNRSIsCiAgICAgICAgIlZhbGlkYXRpb24i OiAiU2VsZiJ9XSwKICAgICJOZXR3b3JrQWRkcmVzc2VzIjogW3sKICAgICAgICAiT mV0d29ya1Byb2ZpbGUiOiB7CiAgICAgICAgICAiRW52ZWxvcGVkUHJvZmlsZUFjY2 91bnQiOiBbewogICAgICAgICAgICAgICJFbnZlbG9wZUlkIjogIk1CUU0tTVJBUy1 UQkVDLU9PTE0tTlBRWS1YRjdPLUtRTUUiLAogICAgICAgICAgICAgICJDb250ZW50 TWV0YURhdGEiOiAiZXdvZ0lDSlZibWx4ZFdWSlpDSTZJQ0pOUWxGTkxVMVNRVk10V kVKRlF5MQogIFBUMHhOTFU1UVVWa3RXRVkzVHkxTFVVMUZJaXdLSUNBaVRXVnpjMk ZuWlZSNWNHVWlPaUFpVUhKdlptbHNaCiAgVlZ6WlhJaUxBb2dJQ0pqZEhraU9pQWl ZWEJ3YkdsallYUnBiMjR2YlcxdEwyOWlhbVZqZENJc0NpQWdJa04KICB5WldGMFpX UWlPaUFpTWpBeU5DMHhNQzB4TkZReE16b3hNRG8wT1ZvaWZRIiwKICAgICAgICAgI CAgICAiZGlnIjogIlM1MTIifSwKICAgICAgICAgICAgImV3b2dJQ0pRY205bWFXeG xWWE5sY2lJNklIc0tJQ0FnSUNKRGIyMXRiMjVUYVdkdVlYUjFjbVUKICBpT2lCN0N pQWdJQ0FnSUNKVlpHWWlPaUFpVFVKUFJTMVlSMFJZTFZwVVZrVXRWRFJOUVMxUlNr bE9MVGRhVgogIHpVdFJWVlZNeUlzQ2lBZ0lDQWdJQ0pRZFdKc2FXTlFZWEpoYldWM FpYSnpJam9nZXdvZ0lDQWdJQ0FnSUNKCiAgUWRXSnNhV05MWlhsRlEwUklJam9nZX dvZ0lDQWdJQ0FnSUNBZ0ltTnlkaUk2SUNKRlpEUTBPQ0lzQ2lBZ0kKICBDQWdJQ0F nSUNBaVVIVmliR2xqSWpvZ0lsWlJVbWhmV1hOd1ZHYzNXRmRSY0hOTGRqWXdiVmhD U0c5Zk5uSgogIDFiR1ZJZFhKWFNGcHViSEV5U2xWb0xYWk9TbTA0T0d3S0lDQmtRM jVCVnpSU1dVWlpUR0V3Tmt4dVVYUXRlCiAgVEZtUlVFaWZYMTlMQW9nSUNBZ0lrRm pZMjkxYm5SQlpHUnlaWE56SWpvZ0ltSnZZa0JsZUdGdGNHeGxMbU4KICB2YlNJc0N pQWdJQ0FpVTJWeWRtbGpaVlZrWmlJNklDSk5RbEZFTFVWVVdGVXRTRnBTVnkxQk1q WlBMVmRFVgogIEZJdFN6ZEhTUzFZTmtwRUlpd0tJQ0FnSUNKRmMyTnliM2RGYm1Oe WVYQjBhVzl1SWpvZ2V3b2dJQ0FnSUNBCiAgaVZXUm1Jam9nSWsxRFdsa3ROakpNTm kxVVNUYzFMVE5GTlU0dFMxVkxXUzFLVGxFekxUSTNRbFVpTEFvZ0kKICBDQWdJQ0F Hallam-Baker Expires 17 April 2025 [Page 55] Internet-Draft Mesh Protocol Reference October 2024 pVUhWaWJHbGpVR0Z5WVcxbGRHVnljeUk2SUhzS0lDQWdJQ0FnSUNBaVVIVmliR2xq UzJWNVJVTgogIEVTQ0k2SUhzS0lDQWdJQ0FnSUNBZ0lDSmpjbllpT2lBaVdEUTBPQ 0lzQ2lBZ0lDQWdJQ0FnSUNBaVVIVmliCiAgR2xqSWpvZ0lsWXRUbE50VHpSdWNqUl FlV2RxVkhCUVNFSnlWMVpTVG5WeE1taFpRbmRpVm1WelRGOVNOa28KICB6VUZOQ0x XNDBZa1ZvUlRNS0lDQlVVbUZqVUVkWFJIcHljM3BYV0hwbmEyUmZabGxEYTBFaWZY MTlMQW9nSQogIENBZ0lrRmtiV2x1YVhOMGNtRjBiM0pUYVdkdVlYUjFjbVVpT2lCN 0NpQWdJQ0FnSUNKVlpHWWlPaUFpVFVSCiAgQ1VpMUtXVkZITFZoSVNWa3RNMHRRV0 MxTk5sSlpMVXBIV1ZrdFFqVlJTU0lzQ2lBZ0lDQWdJQ0pRZFdKc2EKICBXTlFZWEp oYldWMFpYSnpJam9nZXdvZ0lDQWdJQ0FnSUNKUWRXSnNhV05MWlhsRlEwUklJam9n ZXdvZ0lDQQogIGdJQ0FnSUNBZ0ltTnlkaUk2SUNKRlpEUTBPQ0lzQ2lBZ0lDQWdJQ 0FnSUNBaVVIVmliR2xqSWpvZ0lsVkpTCiAgRGhMTVcxdldXOVZlWGt3ZUhGMlREaG 9VVkYxVXpodFpWaEZObGhoWmtwRlgyOWpSVFZrU0VGVVJuTnVWa04KICBpWVdFS0l DQXRNazlpV0VkRldGWkxXVUZNUVhGNmNuQTNjREZHYTBFaWZYMTlMQW9nSUNBZ0lr TnZiVzF2YgogIGtWdVkzSjVjSFJwYjI0aU9pQjdDaUFnSUNBZ0lDSlZaR1lpT2lBa VRVUkVWaTFHTlZsR0xWbE1NMDh0TjBwCiAgVFRTMU9TRmRFTFVwYVVsZ3RXa2RIUl NJc0NpQWdJQ0FnSUNKUWRXSnNhV05RWVhKaGJXVjBaWEp6SWpvZ2UKICB3b2dJQ0F nSUNBZ0lDSlFkV0pzYVdOTFpYbEZRMFJJSWpvZ2V3b2dJQ0FnSUNBZ0lDQWdJbU55 ZGlJNklDSgogIFlORFE0SWl3S0lDQWdJQ0FnSUNBZ0lDSlFkV0pzYVdNaU9pQWlhe TFzUkVOdVJ6TjFlbDl2WkZWVllUTnRVCiAgMUY0UjBOWFlUSnVUbXBLY201aWMzVj ZVVjk0ZFVoc1NuZHllRlJOWWxkV2RRb2dJR2R4YTJkckxXVlFjMmQKICBFV0ZKdVV WZEtSVk4zWjFwMVFTSjlmWDBzQ2lBZ0lDQWlRMjl0Ylc5dVFYVjBhR1Z1ZEdsallY UnBiMjRpTwogIGlCN0NpQWdJQ0FnSUNKVlpHWWlPaUFpVFVSVFZ5MDBWRWd5TFRWS lVqY3RXazlVVnkxVVNFVTNMVVJRU1U0CiAgdFIxbEtUQ0lzQ2lBZ0lDQWdJQ0pRZF dKc2FXTlFZWEpoYldWMFpYSnpJam9nZXdvZ0lDQWdJQ0FnSUNKUWQKICBXSnNhV05 MWlhsRlEwUklJam9nZXdvZ0lDQWdJQ0FnSUNBZ0ltTnlkaUk2SUNKWU5EUTRJaXdL SUNBZ0lDQQogIGdJQ0FnSUNKUWRXSnNhV01pT2lBaWVsOUdiME5QWkRVdFRGWklRa 2xxUTNaZlgxUmxYMFI0ZUdWMlprVk5RCiAgMTlsUlVwQ1pFZG5SMmxuZUZZMlNFUm pkbEpZUlFvZ0lHNDBRVUpwZERsV05FTnJVamRpV0ZCb2VYbERiSEoKICBWUVNKOWZ YMHNDaUFnSUNBaVVtOXZkRlZrWm5NaU9pQmJJbGxNVnpoUk5rSlBNbGRIUlVGMVJV Tk9iRkJKVAogIFVkdmJFdExVRUl4VlRoaWMxSjROVTFSWlRsNU5uWnhTMUZTVVRSY UNpQWdaRTlIUVU0NFYwWXlRMWhOWTE5CiAgdGJWZDFjVXd3UmxjMk1FSjFiMGxZVl ZKbE4xVlFOQ0pkZlgwIiwKICAgICAgICAgICAgewogICAgICAgICAgICAgICJzaWd uYXR1cmVzIjogW3sKICAgICAgICAgICAgICAgICAgImFsZyI6ICJFRDQ0OCIsCiAg ICAgICAgICAgICAgICAgICJraWQiOiAiTUMyMy1ZUTVBLUozTVctREJBQy00RUJEL U1VNkktR0JWQyIsCiAgICAgICAgICAgICAgICAgICJTaWduYXR1cmVLZXkiOiB7Ci AgICAgICAgICAgICAgICAgICAgIlB1YmxpY0tleUVDREgiOiB7CiAgICAgICAgICA gICAgICAgICAgICAiY3J2IjogIkVkNDQ4IiwKICAgICAgICAgICAgICAgICAgICAg ICJQdWJsaWMiOiAiMFk0cF8tR21jeWkydUFRYnJHOXFOVmNUREQ0aVBXQ2dJcnpBa GJBMXV6bTMyTlpXa3NzVAogIGxEVHc5WW91RldqY3NoNWRGV095Vmh3QSJ9fSwKIC AgICAgICAgICAgICAgICAgInNpZ25hdHVyZSI6ICJIaWtuV2hBYzFHa3BTTkxVMnV nLUs4SWwwSG5zX3ZxMEM4RTR2cTFYdDdTNktGWDNNCiAgOUc3cTB3VHlvOVhrLWc4 VTdDWHczcFl2dG1BaTB2ZmtSbFhnWmd0OHBaSWQydnZrSlZ4ZG1ZeFkxbXQxcnYKI CBLQXhJbzV6VkowQXRYOUhjVVBULU81R0Z3SUJzQlF2eXJuMHhqdkFJQSJ9XSwKIC AgICAgICAgICAgICAiUGF5bG9hZERpZ2VzdCI6ICJ3WDQ4MjlaVlBIeDFOd0pwT1R VV1VRZi1uM2t2MEF1bkp5LUhCcEk3SXFObUsKICB5WFUxakczTWZucXRzV2Z2Zkg2 UUpnd0t6NW13b1BxeF8zdHQ0MU5MdyJ9XSwKICAgICAgICAgICJBZGRyZXNzIjogI mJvYkBleGFtcGxlLmNvbSJ9fV19fQ", { Hallam-Baker Expires 17 April 2025 [Page 56] Internet-Draft Mesh Protocol Reference October 2024 "signatures":[{ "alg":"ED448", "kid":"MBOE-XGDX-ZTVE-T4MA-QJIN-7ZW5-EUU3", "signature":"AS3_3bTTS5t7txywPXMdENgK5g4P2Ulcoyhu9gL2 I4FGaEdjeEuGJbIIDqNcCl3xq0Wk4ATnBIqAAXtRTtEfx1UOveTRvbS77VhMq8Hz6 VU83pwUWfdpGWtKUgTVOuMLVggT199OfZ42ItIIA3w_ogEA"} ], "PayloadDigest":"KaXz5nh1C7D_t2XInJ6tHMXDU5oz4B3EfPJpGzzT FQVdNpo3LcvYm7oHhh9wM72GQ_fcd0o9HOEF8xmv74Mblw"} ], "MessageId":"NAJJ-X5FX-POHN-TTR4-3TXK-KTE7-3KKM", "Sender":"bob@example.com", "Recipient":"alice@example.com"}} The Mesh Contact Exchange transaction does not provide for validation of the contact information beyond the binding to the Mesh Account Address used to perform the exchange. 8.3.2. PIN Contact exchange requests MAY be authenticated by a PIN code. Initial contact exchange requests SHOULD include a PIN code value that can be used to authenticate a response (if given). PIN codes MAY also be exchanged out of band. A MessageContact authenticated by means of a PIN code is authenticated as described in the PIN Interaction section above. 8.3.3. EARL A MessageContact message MAY be published as an EARL. This allows contact data to be presented to the recipient on a printed document such as a business card in machine readable format such as a QR code. 8.4. Group Invitation The GroupInvitation interaction is used to invite a recipient to join a Mesh Group. The interaction is essentially a form of contact exchange except that a sender SHOULD NOT send group invitations unless there is an existing relationship. Thus the 'first trust' issues intrinsic to the contact exchange interaction do not apply. The message specifies the group name and the contact entry for the group. The contact entry includes the CapabilityDecryptServiced used to decrypt messages sent to the group when combined with information provided by the threshold service for the group. Receipt of a GroupInvitation message does not require a response. Hallam-Baker Expires 17 April 2025 [Page 57] Internet-Draft Mesh Protocol Reference October 2024 >>>> Unfinished ProtocolGroupInvite Missing example 14 8.5. Confirmation Interaction The confirmation interaction consists of a RequestConfirmation message from the initiator followed by a ResponseConfirmation from the responder. The RequestConfirmation message specifies the action that is requested. The ResponseConfirmation message contains the enveloped RequestConfirmation message signed by the initiator and the disposition of the responder, Accept = true if the request is accepted and Accept = false otherwise. The service sends out the following request: { "RequestConfirmation":{ "Text":"start", "MessageId":"NAZG-5KBV-D32X-O24L-XTYS-26GV-FC6Z", "Sender":"console@example.com", "Recipient":"alice@example.com"}} Alice accepts the request and returns the following response: Hallam-Baker Expires 17 April 2025 [Page 58] Internet-Draft Mesh Protocol Reference October 2024 { "ResponseConfirmation":{ "Request":[{ "EnvelopeId":"MCDS-ZYU5-TXDG-FAHW-BAVA-VFRM-XOXD", "ContentMetaData":"ewogICJVbmlxdWVJZCI6ICJOQVpHLTVLQlYtRD MyWC1PMjRMLVhUWVMtMjZHVi1GQzZaIiwKICAiTWVzc2FnZVR5cGUiOiAiUmVxdWV zdENvbmZpcm1hdGlvbiIsCiAgImN0eSI6ICJhcHBsaWNhdGlvbi9tbW0vb2JqZWN0 IiwKICAiQ3JlYXRlZCI6ICIyMDI0LTEwLTE0VDEzOjEwOjUyWiJ9", "SequenceInfo":{ "Index":7, "TreePosition":6211}, "Received":"2024-10-14T13:10:52Z", "signatures":[{ "alg":"ED448", "kid":"MDMO-SHNV-SDLR-GGIH-W2MA-QTNA-OQUG", "signature":"4oOI79pmsbJKxPfdZZgm0h60ZN9Ec5dSXtyBtLHk 4tKfxRMy-s4JlBO1SZ4xsRzkPkjh_bozL2IAiil1f6F8Kva5UMDMwOs1E363x5zfs 4ttnMz9KjHD_LSNiG5S7iwMh4XF6-GB-s-ge1a7Cf4TqjwA"} ], "PayloadDigest":"5oqE8QWpLfTmxhs4GpDS6_Od2dd8PcdDMfI9bgoN NrYNnZaNwOI_oloD2i2k65_ENqyBTdM8TLlkc-TtywwwqQ", "dig":"S512"}, "ewogICJSZXF1ZXN0Q29uZmlybWF0aW9uIjogewogICAgIlRleHQiOiAic3 RhcnQiLAogICAgIk1lc3NhZ2VJZCI6ICJOQVpHLTVLQlYtRDMyWC1PMjRMLVhUWVM tMjZHVi1GQzZaIiwKICAgICJTZW5kZXIiOiAiY29uc29sZUBleGFtcGxlLmNvbSIs CiAgICAiUmVjaXBpZW50IjogImFsaWNlQGV4YW1wbGUuY29tIn19", {} ], "Accept":true, "MessageId":"MDRR-IKIO-BXGJ-Y2QA-ZLJI-YDA2-HC4I", "Sender":"alice@example.com", "Recipient":"console@example.com"}} 9. Device Connection Interactions Connection of a device to a Mesh Account combines synchronous and asynchronous elements and therefore uses a combination of Mesh Service Protocol and Mesh Messaging interactions. Four connection interactions are currently defined support connection of devices with different affordances: Witness Authenticated For connecting devices that provide data entry Hallam-Baker Expires 17 April 2025 [Page 59] Internet-Draft Mesh Protocol Reference October 2024 and display affordances and are connected to a network. The account the device is to be connected to is entered into the device which displays a witness code. This code is then compared with a code displayed on the administration device to authenticate the request, after which both devices can complete the interaction. PIN Authenticated A variation of the Witness Authenticated interaction in which the connection process is initiated by creating a PIN value which is communicated to the device by some out of band means and used to authenticate the connection request. Dynamic QR Code (PIN) Authenticated For connecting devices that provide a camera affordance. The user sets the administration device into 'add device' mode, causing a QR code to be displayed. The QR code is scanned by the device being connected after which both devices can complete the interaction. Implementation of this mechanism is identical to the PIN authenticated scheme except that the PIN code is presented to the connecting device by means of a QR code. Preconfigured (Static QR Code Authenticated) For connecting devices that have been preconfigured with a device profile identified by means of a QR Code containing an EARL. The QR code is scanned by the administration device after which both devices can complete the interaction. Each of these interactions provide strong mutual authentication with minimal user effort. The witness authenticated connection interaction is intended for use in cases in which the device is already connected to a network. The QR code interactions are intended to provide support for acquisition of networking capabilities as part of the connection process. These functions are not currently specified. The Static QR Code Authenticated interaction is intended to support Internet of Things (IoT) devices which provide minimal interaction affordances. In each case, the objectives of the device connection interaction are the same: * Mutually authenticate the onboarding device and the Mesh such that the connection interaction only completes if both sides acquire the authentic profile of the other. Hallam-Baker Expires 17 April 2025 [Page 60] Internet-Draft Mesh Protocol Reference October 2024 * To provision the onboarding device with the Mesh ProfileAccount, and an ActivationDevice and ConnectionDevice record allowing the device to interact as a member of the Mesh with the set of rights specified by the user. * To create a CataloguedDevice record and append it to the Device catalog of the account to allow the device to be managed within that account. * (optional) to acquire networking capabilities to allow the above to be completed. The connection of the device to the Mesh Account is achieved through the creation of the ActivationDevice, ConnectionDevice and CataloguedDevice records described in [draft-hallambaker-mesh-schema]. These are created by the administration device in the third phase of each of the connection interactions described below and acquired by the onboarding device in the fourth phase. 9.1. Witness/PIN Authenticated The witness authenticated, PIN authenticated, and Dynamic QR code interactions all follow a common interaction pattern. The Dynamic QR Code (PIN) Authenticated interaction comprises four phases as follows: Phase 1: Issue of PIN credential (PIN and Dynamic QR code only) A PIN code is created and registered with the PIN Registration interaction described earlier and transmitted to the user by an out of band communication. In the case of the Dynamic QR code interaction, this is a QR code that is scanned by the connecting device. Phase 2: Onboarding Device Request to Service The onboarding device creates a RequestConnect message. In the PIN authenticated and Dynamic QR Code interactions, the RequestConnect is authenticated by the Device Authentication key and the PIN issued earlier. In the Witness Authenticated interaction, it is authenticated by the Device Authentication key alone. Hallam-Baker Expires 17 April 2025 [Page 61] Internet-Draft Mesh Protocol Reference October 2024 The onboarding device presents the RequestConnect message to the service by means of a Connect operation to the service servicing the account. This results in the exchange of the account and device profiles and the computation of a witness value from the two profile fingerprints and two nonce values specified by the onboarding device and the service. An AcknowledgeConnection message is posted to the Inbound spool of the account and returned to the connecting device. Phase 3: Administration Device Acceptance The account holder authenticates RequestConnect message and uses an administrative device to accept or reject the connection request. If the RequestConnect message has been authenticated by a PIN code, the connection request can be accepted automatically without additional user interaction. Phase 4: Onboarding Device Completion The onboarding device periodically polls the service for acceptance of the request by the administration device using the Complete transaction. The use of the PIN code to authenticate the request message is shown in $$$$. The PIN code MAY be presented to the onboarding device in any format accepted by the device. Administration MAY support presentation of the account address PIN code as a URI code. Administration devices SHOULD support presentation of the account address PIN code as a QR code containing the corresponding URI. 9.1.1. Phase 1: Alice> meshman account pin /threshold PIN=ADE7-U5DR-2YNJ-XKVX-4RUE-SVL5-5I (Expires=2024-10-15T13:10:56Z) The registration of this PIN value was shown earlier in section $$$ The URI containing the account address and PIN is: mcd://alice@example.com/ADE7-U5DR-2YNJ-XKVX-4RUE-SVL5-5I 9.1.2. Phase 2: The onboarding device scans the QR code to obtain the account address and PIN code. The PIN code is used to authenticate a connection request: Hallam-Baker Expires 17 April 2025 [Page 62] Internet-Draft Mesh Protocol Reference October 2024 Alice3> meshman device request alice@example.com /pin ^ ADE7-U5DR-2YNJ-XKVX-4RUE-SVL5-5I Device UDF = MBQD-CODE-XMWJ-QHE3-2KHZ-UKKF-TVVF Witness value = A6J3-EVU5-QGBM-WI4Z-HYUC-ONHP-O3VC The device generates a RequestConnect message as follows: { "RequestConnection":{ "AccountAddress":"alice@example.com", "AuthenticatedData":[{ "EnvelopeId":"MBQD-CODE-XMWJ-QHE3-2KHZ-UKKF-TVVF", "ContentMetaData":"ewogICJVbmlxdWVJZCI6ICJNQlFELUNPREUtWE 1XSi1RSEUzLTJLSFotVUtLRi1UVlZGIiwKICAiTWVzc2FnZVR5cGUiOiAiUHJvZml sZURldmljZSIsCiAgImN0eSI6ICJhcHBsaWNhdGlvbi9tbW0vb2JqZWN0IiwKICAi Q3JlYXRlZCI6ICIyMDI0LTEwLTE0VDEzOjEwOjU2WiJ9", "dig":"S512"}, "ewogICJQcm9maWxlRGV2aWNlIjogewogICAgIkVuY3J5cHRpb24iOiB7Ci AgICAgICJVZGYiOiAiTUNEWi1FQTM3LVBQTEEtVjVCUi0zNlRQLU5LREItNDRXVSI sCiAgICAgICJQdWJsaWNQYXJhbWV0ZXJzIjogewogICAgICAgICJQdWJsaWNLZXlF Q0RIIjogewogICAgICAgICAgImNydiI6ICJYNDQ4IiwKICAgICAgICAgICJQdWJsa WMiOiAicm5RRnFZZTItYjU1QkoyNHdnRDYteWdZd2RUVnZubHljSHRTSTRtNWQ5dG 1jLVlJN2JaTgogIEdOM1hwdFdoWThWZmVPS3RyU216VWtHQSJ9fX0sCiAgICAiU2l nbmF0dXJlIjogewogICAgICAiVWRmIjogIk1DQ0gtVVBJTC1XS0lGLUFNNVUtSFRM Ri0zM1RMLVZIN1QiLAogICAgICAiUHVibGljUGFyYW1ldGVycyI6IHsKICAgICAgI CAiUHVibGljS2V5RUNESCI6IHsKICAgICAgICAgICJjcnYiOiAiRWQ0NDgiLAogIC AgICAgICAgIlB1YmxpYyI6ICJnTXl1OHVnYmtOMkdQZG10OEo2WkQxY3M4UnhOcDZ lR1diWGpVanR5S1IyQkdIYk9tdmNWCiAgdXo5c09IWkFNeVVDUVBtYTBwQUpnRGdB In19fSwKICAgICJBdXRoZW50aWNhdGlvbiI6IHsKICAgICAgIlVkZiI6ICJNQVBIL TYzNlEtN0ZLVS1GM0hKLUxQQ0MtWktVRy1ZVzY0IiwKICAgICAgIlB1YmxpY1Bhcm FtZXRlcnMiOiB7CiAgICAgICAgIlB1YmxpY0tleUVDREgiOiB7CiAgICAgICAgICA iY3J2IjogIlg0NDgiLAogICAgICAgICAgIlB1YmxpYyI6ICItbDdpOWx2M3ZreVZG NG5STzZFSEtXRUs0LU1nNGRsRWpqM1ZhVGxqcTdwaFlrSnhqVnEyCiAgU28zSUlzY 1ZSMkRCOFA3eldNMlB3bldBIn19fSwKICAgICJSb290VWRmcyI6IFsiWUtPVFoyTU FKYk90TEVSaWdRLUpxV1NVeUFyM19WeGx1Wm1qYVpNaHRsWFFidlJtVjIKICBxeVZ KU1BXRy1OTHBtb3MxQkxPM1cwNjQ0RlB6Y3k0TWcwN3pJIl19fQ", { "signatures":[{ "alg":"ED448", "kid":"MCRZ-GZ3D-AAS3-HLJM-IRRI-CD4J-VFSJ", "SignatureKey":{ "PublicKeyECDH":{ "crv":"Ed448", "Public":"D09lNZXUcBq-n7euBgndE_nJ3xY5l0FEQHfgpd3 B4amV3fYhlbN6AdhTdkDIFLeDNvIiBiozmUUA"}}, "signature":"D5DxBdHfE-Wi6-LYWIPzIRO2QdrQ5VPWoHuFTAnP 9zojCK__6dN6iYKisCT1dRDXIGwiCe-TrUuA14Lrq0bmjoNJ50F5ghENqOlTzfDzX V8BjWzPQL0ag_VWpN3JaiU0HRgTVvkugRXpAEE-BZdPGC8A"} Hallam-Baker Expires 17 April 2025 [Page 63] Internet-Draft Mesh Protocol Reference October 2024 ], "PayloadDigest":"XRZfMR090Cn7lDCmGY2gOMS_cGiE2c8d6JLh_33T J0xxfWWvQEkyup7rgQMpWZNqIFEWBQZE2OgN4Kb0gbQHbw"} ], "ClientNonce":"Py_M7xlo5rLB8atEpCCQiA", "PinId":"AAKU-MJKW-GRDS-S3ZI-DONH-D6US-4REW", "PinWitness":"cqed33rRoC4fHnVTjzreoa_x5BLKpLmhY5jIfxBeCODgbqJ clhyCWmoZ30oNKcGu4tEvP7wvslU8h4iMobSRNg", "MessageId":"NBAM-IBG7-4IM2-UNK6-NQOQ-HFSR-4LBD"}} The service receives the conenct request and authenticates the message under the device key. The service cannot authenticate the message under the PIN code because that is not know to the service as the service cannot decrypt the local spool. Having authenticated the connect request, the service generates a random nonce value. The random nonce together with the device and account profiles are used to calculate the witness value. The AcknowledgeConnection message is created by the service: { "AcknowledgeConnection":{ "EnvelopedRequestConnection":[{ "EnvelopeId":"MBRN-LSG3-IBIK-2RUK-U4TO-HOZK-7ZJP", "ContentMetaData":"ewogICJVbmlxdWVJZCI6ICJOQkFNLUlCRzctNE lNMi1VTks2LU5RT1EtSEZTUi00TEJEIiwKICAiTWVzc2FnZVR5cGUiOiAiUmVxdWV zdENvbm5lY3Rpb24iLAogICJjdHkiOiAiYXBwbGljYXRpb24vbW1tL29iamVjdCIs CiAgIkNyZWF0ZWQiOiAiMjAyNC0xMC0xNFQxMzoxMDo1NloifQ"}, "ewogICJSZXF1ZXN0Q29ubmVjdGlvbiI6IHsKICAgICJBY2NvdW50QWRkcm VzcyI6ICJhbGljZUBleGFtcGxlLmNvbSIsCiAgICAiQXV0aGVudGljYXRlZERhdGE iOiBbewogICAgICAgICJFbnZlbG9wZUlkIjogIk1CUUQtQ09ERS1YTVdKLVFIRTMt MktIWi1VS0tGLVRWVkYiLAogICAgICAgICJDb250ZW50TWV0YURhdGEiOiAiZXdvZ 0lDSlZibWx4ZFdWSlpDSTZJQ0pOUWxGRUxVTlBSRVV0V0UxWFNpMQogIFJTRVV6TF RKTFNGb3RWVXRMUmkxVVZsWkdJaXdLSUNBaVRXVnpjMkZuWlZSNWNHVWlPaUFpVUh KdlptbHNaCiAgVVJsZG1salpTSXNDaUFnSW1OMGVTSTZJQ0poY0hCc2FXTmhkR2x2 Ymk5dGJXMHZiMkpxWldOMElpd0tJQ0EKICBpUTNKbFlYUmxaQ0k2SUNJeU1ESTBMV EV3TFRFMFZERXpPakV3T2pVMldpSjkiLAogICAgICAgICJkaWciOiAiUzUxMiJ9LA ogICAgICAiZXdvZ0lDSlFjbTltYVd4bFJHVjJhV05sSWpvZ2V3b2dJQ0FnSWtWdVk zSjVjSFJwYjI0aU9pQgogIDdDaUFnSUNBZ0lDSlZaR1lpT2lBaVRVTkVXaTFGUVRN M0xWQlFURUV0VmpWQ1VpMHpObFJRTFU1TFJFSXROCiAgRFJYVlNJc0NpQWdJQ0FnS UNKUWRXSnNhV05RWVhKaGJXVjBaWEp6SWpvZ2V3b2dJQ0FnSUNBZ0lDSlFkV0oKIC BzYVdOTFpYbEZRMFJJSWpvZ2V3b2dJQ0FnSUNBZ0lDQWdJbU55ZGlJNklDSllORFE 0SWl3S0lDQWdJQ0FnSQogIENBZ0lDSlFkV0pzYVdNaU9pQWljbTVSUm5GWlpUSXRZ alUxUWtveU5IZG5SRFl0ZVdkWmQyUlVWblp1YkhsCiAgalNIUlRTVFJ0TldRNWRHM WpMVmxKTjJKYVRnb2dJRWRPTTFod2RGZG9XVGhXWm1WUFMzUnlVMjE2Vld0SFEKIC BTSjlmWDBzQ2lBZ0lDQWlVMmxuYm1GMGRYSmxJam9nZXdvZ0lDQWdJQ0FpVldSbUl qb2dJazFEUTBndFZWQgogIEpUQzFYUzBsR0xVRk5OVlV0U0ZSTVJpMHpNMVJNTFZa Hallam-Baker Expires 17 April 2025 [Page 64] Internet-Draft Mesh Protocol Reference October 2024 SU4xUWlMQW9nSUNBZ0lDQWlVSFZpYkdsalVHRnlZCiAgVzFsZEdWeWN5STZJSHNLS UNBZ0lDQWdJQ0FpVUhWaWJHbGpTMlY1UlVORVNDSTZJSHNLSUNBZ0lDQWdJQ0EKIC BnSUNKamNuWWlPaUFpUldRME5EZ2lMQW9nSUNBZ0lDQWdJQ0FnSWxCMVlteHBZeUk 2SUNKblRYbDFPSFZuWQogIG10T01rZFFaRzEwT0VvMldrUXhZM000VW5oT2NEWmxS MWRpV0dwVmFuUjVTMUl5UWtkSVlrOXRkbU5XQ2lBCiAgZ2RYbzVjMDlJV2tGTmVWV kRVVkJ0WVRCd1FVcG5SR2RCSW4xOWZTd0tJQ0FnSUNKQmRYUm9aVzUwYVdOaGQKIC BHbHZiaUk2SUhzS0lDQWdJQ0FnSWxWa1ppSTZJQ0pOUVZCSUxUWXpObEV0TjBaTFZ TMUdNMGhLTFV4UVEwTQogIHRXa3RWUnkxWlZ6WTBJaXdLSUNBZ0lDQWdJbEIxWW14 cFkxQmhjbUZ0WlhSbGNuTWlPaUI3Q2lBZ0lDQWdJCiAgQ0FnSWxCMVlteHBZMHRsZ VVWRFJFZ2lPaUI3Q2lBZ0lDQWdJQ0FnSUNBaVkzSjJJam9nSWxnME5EZ2lMQW8KIC BnSUNBZ0lDQWdJQ0FnSWxCMVlteHBZeUk2SUNJdGJEZHBPV3gyTTNacmVWWkdORzV TVHpaRlNFdFhSVXMwTAogIFUxbk5HUnNSV3BxTTFaaFZHeHFjVGR3YUZsclNuaHFW bkV5Q2lBZ1UyOHpTVWx6WTFaU01rUkNPRkEzZWxkCiAgTk1sQjNibGRCSW4xOWZTd 0tJQ0FnSUNKU2IyOTBWV1JtY3lJNklGc2lXVXRQVkZveVRVRktZazkwVEVWU2EKIC BXZFJMVXB4VjFOVmVVRnlNMTlXZUd4MVdtMXFZVnBOYUhSc1dGRmlkbEp0VmpJS0l DQnhlVlpLVTFCWFJ5MQogIE9USEJ0YjNNeFFreFBNMWN3TmpRMFJsQjZZM2swVFdj d04zcEpJbDE5ZlEiLAogICAgICB7CiAgICAgICAgInNpZ25hdHVyZXMiOiBbewogI CAgICAgICAgICAiYWxnIjogIkVENDQ4IiwKICAgICAgICAgICAgImtpZCI6ICJNQ1 JaLUdaM0QtQUFTMy1ITEpNLUlSUkktQ0Q0Si1WRlNKIiwKICAgICAgICAgICAgIlN pZ25hdHVyZUtleSI6IHsKICAgICAgICAgICAgICAiUHVibGljS2V5RUNESCI6IHsK ICAgICAgICAgICAgICAgICJjcnYiOiAiRWQ0NDgiLAogICAgICAgICAgICAgICAgI lB1YmxpYyI6ICJEMDlsTlpYVWNCcS1uN2V1QmduZEVfbkozeFk1bDBGRVFIZmdwZD NCNGFtVjNmWWhsYk42CiAgQWRoVGRrRElGTGVETnZJaUJpb3ptVVVBIn19LAogICA gICAgICAgICAic2lnbmF0dXJlIjogIkQ1RHhCZEhmRS1XaTYtTFlXSVB6SVJPMlFk clE1VlBXb0h1RlRBblA5em9qQ0tfXzYKICBkTjZpWUtpc0NUMWRSRFhJR3dpQ2UtV HJVdUExNExycTBibWpvTko1MEY1Z2hFTnFPbFR6ZkR6WFY4QmpXegogIFBRTDBhZ1 9WV3BOM0phaVUwSFJnVFZ2a3VnUlhwQUVFLUJaZFBHQzhBIn1dLAogICAgICAgICJ QYXlsb2FkRGlnZXN0IjogIlhSWmZNUjA5MENuN2xEQ21HWTJnT01TX2NHaUUyYzhk NkpMaF8zM1RKMHh4ZgogIFdXdlFFa3l1cDdyZ1FNcFdaTnFJRkVXQlFaRTJPZ040S 2IwZ2JRSGJ3In1dLAogICAgIkNsaWVudE5vbmNlIjogIlB5X003eGxvNXJMQjhhdE VwQ0NRaUEiLAogICAgIlBpbklkIjogIkFBS1UtTUpLVy1HUkRTLVMzWkktRE9OSC1 ENlVTLTRSRVciLAogICAgIlBpbldpdG5lc3MiOiAiY3FlZDMzclJvQzRmSG5WVGp6 cmVvYV94NUJMS3BMbWhZNWpJZnhCZUNPRGdicUpjCiAgbGh5Q1dtb1ozMG9OS2NHd TR0RXZQN3d2c2xVOGg0aU1vYlNSTmciLAogICAgIk1lc3NhZ2VJZCI6ICJOQkFNLU lCRzctNElNMi1VTks2LU5RT1EtSEZTUi00TEJEIn19" ], "ServerNonce":"w0zST52oIkf29KzfHGQ78g", "Witness":"A6J3-EVU5-QGBM-WI4Z-HYUC-ONHP-O3VC", "MessageId":"A6J3-EVU5-QGBM-WI4Z-HYUC-ONHP-O3VC"}} The AcknowledgeConnection message is appended to the Inbound spool of the account to which connection was requested so that the user can approve the request. The ConnectResponse message is returned to the device containing the AcknowledgeConnection message and the profile of the account. Hallam-Baker Expires 17 April 2025 [Page 65] Internet-Draft Mesh Protocol Reference October 2024 The device generates the witness value, verifies it against the value provided by the server and presents it to the user as seen in the console example above. 9.1.3. Phase 3: The user synchronizes their pending messages: Alice> meshman message pending MessageID: A6J3-EVU5-QGBM-WI4Z-HYUC-ONHP-O3VC Connection Request:: MessageID: A6J3-EVU5-QGBM-WI4Z-HYUC-ONHP-O3VC To: From: Device: MBQD-CODE-XMWJ-QHE3-2KHZ-UKKF-TVVF Witness: A6J3-EVU5-QGBM-WI4Z-HYUC-ONHP-O3VC MessageID: NCX7-ADC5-L2CD-W5IY-SFT4-NX2U-XZQL MessageID: NAZG-5KBV-D32X-O24L-XTYS-26GV-FC6Z Confirmation Request:: MessageID: NAZG-5KBV-D32X-O24L-XTYS-26GV-FC6Z To: alice@example.com From: console@example.com Text: start MessageID: NANN-LZ5N-6AHO-AOBD-VD6I-X7C3-GJHY MessageID: NBCN-N55H-QYZX-F2TB-U5R3-2T6B-5W47 MessageID: NDHA-E73C-WZUG-QCMR-5IPX-52JV-WYX6 Alice> meshman account sync /auto The administration device determines that the device connection request is authenticated by a PIN code. The PIN code is retrieved and the message authenticated. This is shown in the PIN registration interation example in section $$$ above. Bug: This command is currently showing superflous pending messages due to the failure to clear messages processed in earlier examples. The Cataloged device record is created from the public key values corresponding to the combination of the public keys in the device profile and those defined by the activation. This is returned to the onboarding device by wrapping it in a RespondConnection message posted to the local spool of the account. { "RespondConnection":{ "Result":"Accept", "CatalogedDevice":{ "DeviceUdf":"MBQD-CODE-XMWJ-QHE3-2KHZ-UKKF-TVVF", "EnvelopedProfileUser":[{ "EnvelopeId":"MBQC-7OHA-RNBA-FRDL-R4GI-YQHA-DL36", Hallam-Baker Expires 17 April 2025 [Page 66] Internet-Draft Mesh Protocol Reference October 2024 "ContentMetaData":"ewogICJVbmlxdWVJZCI6ICJNQlFDLTdPSEEt Uk5CQS1GUkRMLVI0R0ktWVFIQS1ETDM2IiwKICAiTWVzc2FnZVR5cGUiOiAiUHJvZ mlsZVVzZXIiLAogICJjdHkiOiAiYXBwbGljYXRpb24vbW1tL29iamVjdCIsCiAgIk NyZWF0ZWQiOiAiMjAyNC0xMC0xNFQxMzoxMDo0NVoifQ", "dig":"S512"}, "ewogICJQcm9maWxlVXNlciI6IHsKICAgICJDb21tb25TaWduYXR1cmUi OiB7CiAgICAgICJVZGYiOiAiTUROVC1XVDNHLTM0NkctNEk1VC1ZVjdGLUxUUVgtU FNOVCIsCiAgICAgICJQdWJsaWNQYXJhbWV0ZXJzIjogewogICAgICAgICJQdWJsaW NLZXlFQ0RIIjogewogICAgICAgICAgImNydiI6ICJFZDQ0OCIsCiAgICAgICAgICA iUHVibGljIjogIklNeU1vN2ZFeTJ2SHA4c3lRMFZVNFhpdnBKRWhnUVFTWDNqOG12 YTRIQ19UMDVVbmhRWXEKICBWWnl1dklRRVZvMmR5TUNSbTYwUTNFMEEifX19LAogI CAgIkFjY291bnRBZGRyZXNzIjogImFsaWNlQGV4YW1wbGUuY29tIiwKICAgICJTZX J2aWNlVWRmIjogIk1CUUQtRVRYVS1IWlJXLUEyNk8tV0RUUi1LN0dJLVg2SkQiLAo gICAgIkVzY3Jvd0VuY3J5cHRpb24iOiB7CiAgICAgICJVZGYiOiAiTUNLRC0zTVI2 LVAyVEUtTTZVNC00TElPLVpUUkctRFpWUyIsCiAgICAgICJQdWJsaWNQYXJhbWV0Z XJzIjogewogICAgICAgICJQdWJsaWNLZXlFQ0RIIjogewogICAgICAgICAgImNydi I6ICJYNDQ4IiwKICAgICAgICAgICJQdWJsaWMiOiAiMXZOVUFBcDNyc3pJcGhHOEV zZm9hTzVZNnNaQ24wSGM4ekNnZFFpdllwSkFjRHRta1NzQwogIGVJMmdtRFRDSzZT clMxVWdQdHVZbVR3QSJ9fX0sCiAgICAiQWRtaW5pc3RyYXRvclNpZ25hdHVyZSI6I HsKICAgICAgIlVkZiI6ICJNRDJMLTZNN0MtWjNaMy1RM0FMLUpGWUktWklVQy1CS1 VSIiwKICAgICAgIlB1YmxpY1BhcmFtZXRlcnMiOiB7CiAgICAgICAgIlB1YmxpY0t leUVDREgiOiB7CiAgICAgICAgICAiY3J2IjogIkVkNDQ4IiwKICAgICAgICAgICJQ dWJsaWMiOiAiYkhvS2IwYzEyRjdjaWJNXzNnWmNKWE16T09YNHNuSGdQVndPZlJZa zZBUkpPc0dQZW1zZAogIDJCbTBXZm1Ba1JZTzNFUTZmajhfTnpTQSJ9fX0sCiAgIC AiQ29tbW9uRW5jcnlwdGlvbiI6IHsKICAgICAgIlVkZiI6ICJNQVlGLUQ3TEotNUl NUC1FVUNHLUhTR0gtN0xTUi1BQVBaIiwKICAgICAgIlB1YmxpY1BhcmFtZXRlcnMi OiB7CiAgICAgICAgIlB1YmxpY0tleUVDREgiOiB7CiAgICAgICAgICAiY3J2IjogI lg0NDgiLAogICAgICAgICAgIlB1YmxpYyI6ICJjN29vcko4MDhzYzlkNDBLWERoSU hnQ1RGejM5TUszSmpPMFE3S191ZkRFR0RLaXdWS2hkCiAgM29QUTQ0UEVxR2p3a3B wN09mYmNCYlNBIn19fSwKICAgICJDb21tb25BdXRoZW50aWNhdGlvbiI6IHsKICAg ICAgIlVkZiI6ICJNQUZULVNJTkEtU0ZYSS1QQkRZLVdSSEUtTlhZTC1EWFZUIiwKI CAgICAgIlB1YmxpY1BhcmFtZXRlcnMiOiB7CiAgICAgICAgIlB1YmxpY0tleUVDRE giOiB7CiAgICAgICAgICAiY3J2IjogIlg0NDgiLAogICAgICAgICAgIlB1YmxpYyI 6ICJYY2dFejl5MmNxc3g0WmViR0VSVGpyTi14ek44M0QtcGN4MDY1MXgtV1VDcVlO cnNuelRICiAgNDBDcG9NeHVOLUZucFQ1bV9iME15dUtBIn19fSwKICAgICJSb290V WRmcyI6IFsiWUJKUjNqUjJQbGpkWWs1cXhiV2RIWTByVFlFYUZBa0hZM01tc1I4en ZOMURyMzNSbkwKICBVTDNUaHJHOURNV0JaM1AtOFp5R3p5S2FRWXdlY28yWlV0Y0t 3Il19fQ", { "signatures":[{ "alg":"ED448", "kid":"MAJF-DXRU-OY7F-RXLC-JZVM-LNM5-DWGS", "SignatureKey":{ "PublicKeyECDH":{ "crv":"Ed448", "Public":"9sZGEfYSIoTvVSL0Q5c_Oip_Hi2iOTsl4L3iL whfOv9bA-5nd7PyRooKEsQx-lA7PMAYBewSOmIA"}}, "signature":"6x3k8AC2jkUQv0jzlUVWJDqP7zcNkKAqvPcAs7 Hallam-Baker Expires 17 April 2025 [Page 67] Internet-Draft Mesh Protocol Reference October 2024 Ci2jXULjbIFAFCct8GC8Nb8KiD5ljoLAsVHr-AnYcjklyXSHN6Gn_BIZiLiW3Yu5_ ChXHspywX-ZGMD6soXJIilOzreauR-_aiUE7Gx0eh3Fje2wEA"} ], "PayloadDigest":"tXPfbmg_SRmARF_7HLPq-bM6NMO1h1Oa30f_Ag _TIRzGKMrmTKtV7XH-h3NIBFGxOQYuD0BproKNEg6uhtG0Mw"} ], "EnvelopedProfileDevice":[{ "EnvelopeId":"MBQD-CODE-XMWJ-QHE3-2KHZ-UKKF-TVVF", "ContentMetaData":"ewogICJVbmlxdWVJZCI6ICJNQlFELUNPREUt WE1XSi1RSEUzLTJLSFotVUtLRi1UVlZGIiwKICAiTWVzc2FnZVR5cGUiOiAiUHJvZ mlsZURldmljZSIsCiAgImN0eSI6ICJhcHBsaWNhdGlvbi9tbW0vb2JqZWN0IiwKIC AiQ3JlYXRlZCI6ICIyMDI0LTEwLTE0VDEzOjEwOjU2WiJ9", "dig":"S512"}, "ewogICJQcm9maWxlRGV2aWNlIjogewogICAgIkVuY3J5cHRpb24iOiB7 CiAgICAgICJVZGYiOiAiTUNEWi1FQTM3LVBQTEEtVjVCUi0zNlRQLU5LREItNDRXV SIsCiAgICAgICJQdWJsaWNQYXJhbWV0ZXJzIjogewogICAgICAgICJQdWJsaWNLZX lFQ0RIIjogewogICAgICAgICAgImNydiI6ICJYNDQ4IiwKICAgICAgICAgICJQdWJ saWMiOiAicm5RRnFZZTItYjU1QkoyNHdnRDYteWdZd2RUVnZubHljSHRTSTRtNWQ5 dG1jLVlJN2JaTgogIEdOM1hwdFdoWThWZmVPS3RyU216VWtHQSJ9fX0sCiAgICAiU 2lnbmF0dXJlIjogewogICAgICAiVWRmIjogIk1DQ0gtVVBJTC1XS0lGLUFNNVUtSF RMRi0zM1RMLVZIN1QiLAogICAgICAiUHVibGljUGFyYW1ldGVycyI6IHsKICAgICA gICAiUHVibGljS2V5RUNESCI6IHsKICAgICAgICAgICJjcnYiOiAiRWQ0NDgiLAog ICAgICAgICAgIlB1YmxpYyI6ICJnTXl1OHVnYmtOMkdQZG10OEo2WkQxY3M4UnhOc DZlR1diWGpVanR5S1IyQkdIYk9tdmNWCiAgdXo5c09IWkFNeVVDUVBtYTBwQUpnRG dBIn19fSwKICAgICJBdXRoZW50aWNhdGlvbiI6IHsKICAgICAgIlVkZiI6ICJNQVB ILTYzNlEtN0ZLVS1GM0hKLUxQQ0MtWktVRy1ZVzY0IiwKICAgICAgIlB1YmxpY1Bh cmFtZXRlcnMiOiB7CiAgICAgICAgIlB1YmxpY0tleUVDREgiOiB7CiAgICAgICAgI CAiY3J2IjogIlg0NDgiLAogICAgICAgICAgIlB1YmxpYyI6ICItbDdpOWx2M3ZreV ZGNG5STzZFSEtXRUs0LU1nNGRsRWpqM1ZhVGxqcTdwaFlrSnhqVnEyCiAgU28zSUl zY1ZSMkRCOFA3eldNMlB3bldBIn19fSwKICAgICJSb290VWRmcyI6IFsiWUtPVFoy TUFKYk90TEVSaWdRLUpxV1NVeUFyM19WeGx1Wm1qYVpNaHRsWFFidlJtVjIKICBxe VZKU1BXRy1OTHBtb3MxQkxPM1cwNjQ0RlB6Y3k0TWcwN3pJIl19fQ", { "signatures":[{ "alg":"ED448", "kid":"MCRZ-GZ3D-AAS3-HLJM-IRRI-CD4J-VFSJ", "SignatureKey":{ "PublicKeyECDH":{ "crv":"Ed448", "Public":"D09lNZXUcBq-n7euBgndE_nJ3xY5l0FEQHfgp d3B4amV3fYhlbN6AdhTdkDIFLeDNvIiBiozmUUA"}}, "signature":"D5DxBdHfE-Wi6-LYWIPzIRO2QdrQ5VPWoHuFTA nP9zojCK__6dN6iYKisCT1dRDXIGwiCe-TrUuA14Lrq0bmjoNJ50F5ghENqOlTzfD zXV8BjWzPQL0ag_VWpN3JaiU0HRgTVvkugRXpAEE-BZdPGC8A"} ], "PayloadDigest":"XRZfMR090Cn7lDCmGY2gOMS_cGiE2c8d6JLh_3 3TJ0xxfWWvQEkyup7rgQMpWZNqIFEWBQZE2OgN4Kb0gbQHbw"} ], Hallam-Baker Expires 17 April 2025 [Page 68] Internet-Draft Mesh Protocol Reference October 2024 "EnvelopedConnectionService":[{ "ContentMetaData":"ewogICJNZXNzYWdlVHlwZSI6ICJDb25uZWN0 aW9uU2VydmljZSIsCiAgImN0eSI6ICJhcHBsaWNhdGlvbi9tbW0vb2JqZWN0IiwKI CAiQ3JlYXRlZCI6ICIyMDI0LTEwLTE0VDEzOjEwOjU2WiJ9", "dig":"S512"}, "e7QRQ29ubmVjdGlvblNlcnZpY2V7tApQcm9maWxlVWRmgCJNQlFDLTdP SEEtUk5CQS1GUkRMLVI0R0ktWVFIQS1ETDM2tA5BdXRoZW50aWNhdGlvbnu0A1VkZ oAiTURPNS1YTkpPLUxDUVctR1pTSy1RMklKLU4zQk4tQ0JDN7QQUHVibGljUGFyYW 1ldGVyc3u0DVB1YmxpY0tleUVDREh7tANjcnaABFg0NDi0BlB1YmxpY4g5tfcoRrH -moXof3ppxP-1rsXnpnEc37YXEQumpfPz-MS_fTyxbhajFi1bpr5dZQjrPqCVVWMP FmiAfX19fX0", { "signatures":[{ "alg":"ED448", "kid":"MD2L-6M7C-Z3Z3-Q3AL-JFYI-ZIUC-BKUR", "signature":"9TrTu8tVJ2f9e7_PgVQD2O9JwsxrEyzjTWyqoV rlqW1NA4EKkPcPnnMKFFMflbte38rYUSIngUUApFwe2RFaBD_9p3gDpEJgXjQyHyj cHn6gu8iOP0WMwUiAgNQCJLJLXxw_zYpIjwIlDUoYA5eaLzkA"} ], "PayloadDigest":"oEuqftV2yGBBO-zcHdLaZlE24EedCob55acnhS mU_3hmwB5GGwKkAaEc3arbl8LlFvw8qcOx4DEmbn2e0l_ETQ"} ], "EnvelopedConnectionDevice":[{ "ContentMetaData":"ewogICJNZXNzYWdlVHlwZSI6ICJDb25uZWN0 aW9uRGV2aWNlIiwKICAiY3R5IjogImFwcGxpY2F0aW9uL21tbS9vYmplY3QiLAogI CJDcmVhdGVkIjogIjIwMjQtMTAtMTRUMTM6MTA6NTZaIn0", "dig":"S512"}, "e7QQQ29ubmVjdGlvbkRldmljZXu0BVJvbGVzW4AJdGhyZXNob2xkXbQJ U2lnbmF0dXJle7QDVWRmgCJNQk43LTJWUkotVjc3Ry1CTzJaLVNSVDItUEtZSy1GS ExQtBBQdWJsaWNQYXJhbWV0ZXJze7QNUHVibGljS2V5RUNESHu0A2NydoAFRWQ0ND i0BlB1YmxpY4g5mHAKd6yWYjepjbjcF5AE3_mVB3NCLhPL_g_UIwgI5j9GvARZLzs drWAngOGTv7M6R_WM2IrWl3GAfX19tApFbmNyeXB0aW9ue7QDVWRmgCJNQjVILVlZ QVEtTUtLVC01SkNNLUZXUkwtSElKMi02TjdPtBBQdWJsaWNQYXJhbWV0ZXJze7QNU HVibGljS2V5RUNESHu0A2NydoAEWDQ0OLQGUHVibGljiDk0NPeEx6n3ELUk1MYr0r 3nSo-qxXfvvn35g2S5sxZqo8uMquHzzA1PWaVNF5bharNF__kWmerQxYB9fX20ClB yb2ZpbGVVZGaAIk1CUUMtN09IQS1STkJBLUZSREwtUjRHSS1ZUUhBLURMMza0DkF1 dGhlbnRpY2F0aW9ue7QDVWRmgCJNRE81LVhOSk8tTENRVy1HWlNLLVEySUotTjNCT i1DQkM3tBBQdWJsaWNQYXJhbWV0ZXJze7QNUHVibGljS2V5RUNESHu0A2NydoAEWD Q0OLQGUHVibGljiDm19yhGsf6aheh_emnE_7WuxeemcRzfthcRC6al8_P4xL99PLF uFqMWLVumvl1lCOs-oJVVYw8WaIB9fX19fQ", { "signatures":[{ "alg":"ED448", "kid":"MD2L-6M7C-Z3Z3-Q3AL-JFYI-ZIUC-BKUR", "signature":"yYwmrYVkddU86Hm99yKb4QlqVqr1Rw4vAdaztF l8FRG3tCO77sMc5vMLcSJTkdK-FOGOrQRk11iAGZ5ZEgLMFJn-QRpSmcbBLeel6lD SUJQRkjVUavbCxej4RKJoMOJbzuBmZdvsreHynZdbk7p7fzIA"} ], Hallam-Baker Expires 17 April 2025 [Page 69] Internet-Draft Mesh Protocol Reference October 2024 "PayloadDigest":"CsqBGYf0fzZ8YE4nzhUuuvfL0lGsaAkNFKCUhf 1YsIwCxuDQY_zZjVcOEgFsVeUggfmm_spXiahBMaDM7zz2fA"} ], "EnvelopedActivationAccount":[{ "enc":"A256CBC", "kid":"EBQM-YIA4-PNBW-ECVY-NBBW-CT2Z-WUX2", "Salt":"kugd4f-D2t7K2ESGjW7J9A", "recipients":[{ "kid":"MCDZ-EA37-PPLA-V5BR-36TP-NKDB-44WU", "epk":{ "PublicKeyECDH":{ "crv":"X448", "Public":"fH2svl6_uVYsor6k0kzRFZEfAXWOAedsri-XL 9YRzAQsN_l_M9DzmRWxbvDsLC0fztCVsvfTsN-A"}}, "wmk":"JNEdtBna70N_7MINkiCfkRdXRfqGXo3d6QXoPyoRkUqp N3bSxdYJKA"} ], "ContentMetaData":"ewogICJNZXNzYWdlVHlwZSI6ICJBY3RpdmF0 aW9uQWNjb3VudCIsCiAgImN0eSI6ICJhcHBsaWNhdGlvbi9tbW0vb2JqZWN0IiwKI CAiQ3JlYXRlZCI6ICIyMDI0LTEwLTE0VDEzOjEwOjU2WiJ9", "dig":"S512"}, "-fy3XJD_nkzc5E0amfUxXyd9iv9ucViLMp8hOhrMSEBDOCwPybwnY-hS wNA6-DwlMZ1q8tfpTmjJizv6Mkf4PRkYE4qOJJTDbxtS6lNMvBJhBvcKgMDoeAnVf Y7x9BomZLlERwo6BMH9WavqiMshfLEC9RJ4BSfjfMcp5-P_5qZ_fRAutzAOB_vsEA 97F0SmzjM7Mjdk0M0iVtR2F4UH-FEEgQFdAmoYwSFV3bXCWRkYRD0y-B_4kWqBXvL 1-SM2", { "signatures":[{ "alg":"ED448", "kid":"MD2L-6M7C-Z3Z3-Q3AL-JFYI-ZIUC-BKUR", "signature":"arywkmG5iJUxfP4MHIMgcmXyDk8nWzsh6RUz8Q CiGo60E2JqqRtaZscxTlYaEsEMR0Ugs-AH8cKAD7f__RB4DxiUuWORY11txAmfpIR 2NwLnIsQ0S65x5dauAJ5mFY0QTDucNfXGDaCU8V4UlDIn-QcA"} ], "WitnessValue":"4KPjB1dl0OVeugi6FxuDd2l76-tOdwQ-3KVVWqo Ai0g", "PayloadDigest":"XFmB2PVKxowqhjsTobBlWcqL6lxrrmrTPbmgC2 acKwBiF-8IQFVAep1nSCYX-FXTibvVJYhov1JbEVNriE0pBQ"} ], "EnvelopedActivationCommon":[{ "enc":"A256CBC", "kid":"EBQJ-A3RO-PE4X-7LMM-QSPW-EMFA-HGDX", "Salt":"RImEmW_A-Z5v3zqz_aYesQ", "recipients":[{ "kid":"MB5H-YYAQ-MKKT-5JCM-FWRL-HIJ2-6N7O", "epk":{ "PublicKeyECDH":{ "crv":"X448", Hallam-Baker Expires 17 April 2025 [Page 70] Internet-Draft Mesh Protocol Reference October 2024 "Public":"dDyHxC6UbAhRoN3dYsK8Sq-UAqA_wwA01zolu b1zuhKOAY_TB7RNhjcNYK7_DIGoitWQVVOKM0SA"}}, "wmk":"Hx1gKmlhsjVZdRqKAgkmnOPwrI2HpEuK7zVEmiGeGj-p K3ay4x28Nw"} ], "ContentMetaData":"ewogICJNZXNzYWdlVHlwZSI6ICJBY3RpdmF0 aW9uQ29tbW9uIiwKICAiY3R5IjogImFwcGxpY2F0aW9uL21tbS9vYmplY3QiLAogI CJDcmVhdGVkIjogIjIwMjQtMTAtMTRUMTM6MTA6NTZaIn0", "dig":"S512"}, "4dJQ5E39vl5VRFBsQ5u30C_8Yg8V3J1wS_8-sZIU2ElTVOr_5WbK0_oi gYUdnlTE40tAzb_W7sOrVm5BnIFuU8q55kDOXtBPlCaDZHZ1WKhJKfmePQMdUpEnx uIEVajUrO2iw0Cft5Y63KZnlzQeJTBj3hF-pVYHZGgxz2fNiu-_wBclnP5P_O0lzC 972FZp5B2UHqsDTFgngY4qgMfQJvbR1HybThFFjeicjJF06umMGSi4caQwpevNAoY OsbTbXHlCtrZo1RFhE0Rfn-44M50Dm-QVaqB5EhGCv06i1UKGnc2QXje3WBTxvnKz z-z23SD_uRTVWhab4ln4wMSXu_75Fz0u_FMa6yowlKjOzs7XnbNlQ21HotQZN22Qs Q5pdIge9Qk399Yu4rWbO9OfsJD4gEDIIGr1lTMEncub3XflJcMqQjdX8a9Lt_yvgb UmYvkcTLSy8CF2bH06KdAU1NpW-XrI6GgYfp3WYOEBnIApF8H-NNoJ5LuMG6KMStB zfk5cbTmLBi1kwPXgEgwi_FYNIdbfoYu3qylAWNMRxt6X-xfQr7rTIEMiKwhyYWfc 6UcrmGmcKZTwDyYsrMxrOm8LhG1fwVTrt4by_sooUSDW5OLy0_AhLHqknFg1VGvT_ xkYQEpnYw0hxEMfIyPsGFQpOAenCbWHjR0-jz2jI4ulI7rNEu6JEBcmR4FQcu3pLo covG5UrQHddkfZ51ATcVUkMw44GskHWF7uyD1OaAWIj95ttGdRWNdZ0X8GKLlYWv5 tZEzMeK9Cxy38K_ilpjKTxuwYWNR29xa5tuz77TEpLddeXAbUt5Y081yC3D6JlAxp kv4p7uCRfD_UjXA-N0HmG8SG2iUE7XD3g60FsNQOMaslgKEx0iDFlIOYY4Q3Mj6eN Rq_B8U_iEKAyiCdJB1qPVhZtAd1TsDtiV_1XSKismRhtiEkqSOB570fyw1s3Gz6lG zWHm7Q_sy5yGKRL1BoLZR6jrzakzMlifGNAbuXh8VuHeeAen7a5pAOOwwJJ1DpohX b-b0djyRmYCp_1wZ6CD2XWQHXi7zRRrULCfdqedAR5SvUB288AG0asmNkWCi5jtAj Q812ZmwRHLAW98HpSZC8Etgwp_aQBBwnEp8q_cvosmvEI3EZGeoCd0MgGX2iG670G _B1nNBtDCqrmvE5mfg8PkeCSaFZWPYY2Uv8raIPyzrz0PBtQxVrsnUrErrYVNOZOq NiJLgpNLbNGtz6ZGBrln2GSi7XRzzM3BhZLUB3_bOKrq_VhKQXwCu6VT4amEJ3ak7 w5zLJ0LsvMshwYhZjmHRYFDZ2qqHMQDbPiMCYcFGn6mAybuzGr68CFVF-pFRXckyv h0FtFiKjewwABEGIaAF6qeuzEDWVD6bn6pMa5eiZgEQ4iiyrcZWmNVS0D7E5R2yZu TEIRFOtx-tWivth4JGFh64rzIvnOoHwxukk3JoQnmjkTKIMLms7Ao_FY1Ow9Ofbf1 ELoLJrZ24Z7z9wyuo1ROTeJA9PJ0eDJnLKjuLdVszT6zttKSDVn9jIaXcm2jeJcly Nce49EN7c3tw0bT-akFM9-CDBVa0T3rU0N7YfnKiXYpS01JyzBqPVxnA754EX1EIT jp0VMB60k0UG_5dsSV_PMlAfBJP0G0gDhogjB9gEyabXbVEbOA0Bq9_-6cJEIjsnZ _pyxBggy4qy-w9ktb0IB-X7rB2mfrkp4OH_nggzoH-O59-e_pBO2q1nuJ8NoCuZWW 169w1GQMMJsjOvpN-VgLHy9eFA6-GukqhAZsB-FFHOqU8HRiDIrw92PD4O1si782c BIdxTaqYZaFnyEFk5PnFMTrvdfPj3wakmJ6apYITX6CWVP0M8X6-D2JPkNaXHn5oo FS811yVIZOJKK7_DSCVyVlAyNwhURlJwYWgwr_0-aYhR5TMME-zw66QEb0_dnmy8O _qNyHCsyAdk4ZhwPdJAWjKF_hXeTA_BzQC4ilzYwhcMOKYsx4VDgrsDqN2SKCIGry 6-FJbTQR22iMPbMHMrYJQ2mh5GEx1dWJUWOIrNAvhwJiKF_RrD_dDrWt975sT6gMn w-GPWDuqWR1TX5gNWZr_gfeF1jM2UuDt4SvhgdQI2dqaf-eT5FOTSqMvgR5gghVRu X8Lm_19s6evcO89H0sxaSWjxBIgfdhJZeAoNcrUSdR4LvtDLehSbD2t9SQH6UfFs- nEYIWmAt9c_ADthMibgI_FiiSziQcvf83MzH_HoTNinmcdpgcIrssBVTyhOFpsT_s 9pcoe4L2WTRNKMy2rp6Y_cklVPweYlE183tw1hrBpcbdwMQ5W-_GNXHqWYFBrjyVY LP-OOfnvV3_n6cZ306QbpT1OT5tyrQlMOqk2J9ruFVunGxeL7C24H7ftpf6c_Upvs pbMQhptT9OITgvSngcjfAubu2vAj3asYA_UNsfOGn2wRkCQrE3fTY43S2Rjqwvv4Y BfubcriYgf_yaexaoE1w5XzjCBcYdQP9SVfOFGGGKvATLT24xLF-OYfiYSjwYRiFV Hallam-Baker Expires 17 April 2025 [Page 71] Internet-Draft Mesh Protocol Reference October 2024 64oEy79I9eXgaa-fQdtvKIyJlW_KHA0LVcKdGAbpuYZYm_V8Djq3tlvwwj31H2TQ4 nkGJrejs9BQR77KDaoOoYOlEWal7wg6TIrSj_MV4wE_3DyOY1nymrVaEVwYQYGpxM CiIPHnoA8sbrXXA9tpweicUw695kXTUvrnVb1sayODAzqOELzm-h0XC4xGHyjxB9X KQeUOfr_z0py2wTBEAZnlOZfL0ne7CrPkaIYfHHjJohZMlZOg38Hutg2KUF1yTx3H hKgzxTwo-mMgRfeytQWA1tSntBJYNvWykRnnMUR8yorv7CUv4y8p3xg9Cb8tCG4Df JYD3rTXf_wmyryflgJ3-2yNriJlX_Mi-nHgyRrObzeitRyQVSbUMxoendfMKJQJh_ rC4AxjgOpDj27Og8ba4Pyph6P6xXIteOdIRTwP_J6Ln2-SwZl3C55LOhnwYB5YIo5 A_PH2RuUpZ2gf1X0gBbT41slwy78xy4TeBtpOa2FBW9z0-UCtPI_U1NGqNaB_c5zs sArER5yRo9QrUv25y1GW43YHJu0TcNARWHWkDmT-b-oJSvouVaZGbz623JoAX2OnB zqsFzBf9fK8kbyymh1eLJmgKn8l8pf2-jgtr-UnjHwGChbiOj93VlQ-S5PDsb3j3p bfY5jBl2oU7VTze74T4pSbv62PQVjTg2JwIYHI-cK6x8IZJHJeCbH5i_P6kpnHTQv ItuEAlSliGVUyJ7Wm-0fzd8qgCybwQtv5nyKdyiA8-EkXKAUIIIMhabKADtsYOzdz 8DfB9TNKLzc-ueidtRARFQAYMaWKDO-KrUnye9J9kgsRQaoJhUaaGLymDqX-CE3kp sSigbr53uV0e_lNPjswH2ddI56ELo1ZFbX_75XlNyk7poMSZ2f_q62SMpCTYkH-Hc 0XS8vzP1NHITyJXi8Xl5xdyI8-IWCQLPpvdWiyDx111VFN3aSncIiWXOw5sWutK6j novXDbm078TVL4zQAOvGZ5zbjhExatWXIhxdH1RB28KyLtJ7SgDsN8qPB9ZJXhY80 b7aKnFxb1v2Rxy1JNvwnFyaOuEUQjAN5jbDYf40E1VlQcakk6x_WOEs7FINBej16n oztqAQ7mmyxDVMICWsveRMEx07eC0gYHzRA044SeiBBlp-mYdyD3gSwKsM-F2dYZ0 y7GLUR-sPhrNJg0ScBAT1j3_MUESm1k36VwGwSp85_8OerTCu2f7dojp_xqCB0ZSV L0_zpPAyYrGlfKobYBDdhgJU_LD73jTVeaXZi0zgEAAlYsp0Rn7NMwOBejBaVC5Iq IgYuW3_UlXs7YtRFMxydXJrcZnFQx6HMhP8GMr_f119jjnnaNi01I7SvWbHU2Zs4U sSAjcM53PD-pytSDCMDNfB_qXZWLt_cv2EM2C997Dz5HG9rz3dyrOJ1XM4LiCAgOT aDjYS9OzgKrpAchO0w-AwSKJ_7Peg2J90_MPu0o0J8Azowo6Fe_BgHdCtuDK0UMl5 J88GXkSU3g9AoHQSdXOmr6yHbDVDyrQXiEjrdfzwoJEvfUi8XVSS27p_ic8s1gAvL bJh2ev43TpknOaHikquURA0aLZT7B2OZSD2XtLzaNUSbu3DkPphvGvGR9mVfPv-n8 OrbpX_RgCZtCLju4no1SwY9RFhqiYBRPRJFfi77B2cIOiaeSaDMphDo4jA2yFypeE UKOd-JdLlTX1YzwZmgu3TgpxR_Em6UffHM0z8x8lQbYmuGKW71ZcvYqSOeh6fK60C sPUZsn-G6Lxd2qGX_Zc1htZ_E_3NAUMdF82VzMyj90SCLQ1EaKwRQaHaF9rgKHjsM wbFMUoCUL5N5WCxKRkDr2QLtfJ2ezMQ3GrpDiw2xHq-xZEzTUnq-dzuO428ovJypv vxglUgthfOO8NE5a15gTP19HARTuT2WZQxiSyRGucoItLZhxUM6WxHB_aGVDcDm5a xzdVNbYaesqdE61cHswDOnY4smxtO8Zy6uT12WPw46S0LWoDv0ba_hyMEMpJTNKd6 i9DAG305R0P3NYVFvyJKOok1e8-nlpQE7G_R2exVdgUkNJYLvl0M7pGE70faXVm3k 0UqUojmO0P6RpsrKcLmBm_0J5vbLdeRexxcSh0Trj-xDhjL62hG0gWe6IoCc5GYIw qComX7pLJ-G5h8MI4oB7npCK55_2DvrvyXBFtPiYuxi9mfQOXevhDYKukAk7U12g9 pwnJSRvF8rV7hNw-OC7rPAT55z5xXx05rgrUuCswfhZ_4Gh5_aWjzqKAeB2KpJ5c5 81R6IWs_y0wM471AUZSYOEo-ytCH6_qgwdPimUH98Lo5e3h7XQnHweu2A-g_nbOM3 -voNfCcBxU_-rPYysyORvOJ5GcyIle3W2FSnBDwxS7AUVTkvJrybl6Q2MWlMA74z5 a5C5jcGZbKJwbmhqLKWc2H-IA0CFjiqirECKMnl65A6vNpLdLoTYv-47b8Gm_qKB9 odY-mSOolGtSTdF7r89FJwLjviTthnbvaebfEX9I1vNlmOBdiPNebl0euWDMlbiMR c0if_wPITYrNQaJA7elgzIwizC07ZLHu3dF-vK4pqFN0fITlCvcV2qOA85Gn0dfrZ Hcp84lK-IDJWMMITyqntz-SgxMpkj8qMePH-lcPK3QHfnSwxxCbvojgzz7OlvXFSg 6WWZdNJ-LBVdhNif798Cwym2_boiVSyapNqZPCvHGvQu0byG64-sgRbYteSuASEdF FFeQqwuQj3xdiTAP5AIvoA1kOillzVmkHZ3cfi9SciZI8jBsK9GfZJ311HF1p9S5A f3fXxzh-ZWqFnGxrE0UnBfQkaSb4rzPID6bZtZfpG-q_ha4diOOz4CDbVU96DEsTx EgMyfONK5pG6yA372QCFGtSJlhyqxgkAx2tULOSU7pD6-nksRYxkhzfluw8F25eSm gygudKA5Fze6JY-5MqGiYG0VyUVc0w_Iekp6dRPO4bI5M5Y7J_DvrfpD9t7R_rK05 emm7IeZk4zfyTlVfx0aqqSXIgeEBJHosKraZPknWz7mDL60vVGCLIFrrjhoOCPyI1 6Lod2lJFJo9-S9a0fChR7W6kRTepLb11zCu5xTsfmSFknmHJMtTSS_pUp6GhVFzY9 Hallam-Baker Expires 17 April 2025 [Page 72] Internet-Draft Mesh Protocol Reference October 2024 -ol1qKFEuali1A4nrlu2ysIPOe5u-a-yOLNayvpUpn9Bcj6gLZ2_g0xbu2gePOJEF s7EMuc77t2AQY_pyx4rMAcb2Rquh4hlrtlnO3OvfQZn0xvd9_7vpQ7Wpz_5ElM_96 Y8jNaNkAPigRWAjpYMpb2fSdVCam9JmLhfyH8WfEskQHEzyPIG6-cbSWoW8evmOjT 4xXpcmBGZzbUG3zUnEbwUwhxiTmUhKLEel08lnoXScYqOMMnlrg7XI-4tQQVC2r-N UcsmmJkbShDqIzJ-IvSxAU4IAXnan6RNv1IyLLThwFIWR-GEIfOHByabtzStNmUR9 vzYq-WBtyWHnGWEwMLH_0ODz97Tz6tbmbiWERo8RZ1et2FAoZunF3OJKNt-VFnJK_ OPIjQQQIm4UpjwQetvj0B-tmGHfSN2m-4D34gpYQqVqyLpeoeLpImBMNOYdpiYRRm Tu87pJwc9nNxO7Pt-MHDvgrjvwz5CakFewzKE6ZgEpY6KxmR8yoERyORq-rikRlFA 7GK_EuARv_Y1TJTm54qVAD3LM7wIRdvxLSVgsPNe0OP44Y2ag8V74SAEWOTLosz5K IGkvuJBa9cBBzi_7Xk2PkIOjIt6PBsRuXcYPxzKv_vyeXvPheJW1nOv0NQdh3naO4 H8sWo8KN8AJqulC5z0oTCWa4WwST0NGCpzwXxSZ0S0G3Rn4v8IDD-o7J4aZ2Yw-6E KgAqOBRQd964oCvB7NX9bmJBRKTvPmhXRZTJ3fM599dpNcd4gS90c3gOUjD15fqfb 2ozBRl7jWf7MOPT0R4C6L0TZP9WU-l47La0ybmHdDktGQMd3WGP5rXZqVch9oxJmB qW14NCAUHuUutynNu4zjzJsMHJl_LQrPQs90625Srl90NsL560fm4ArdQ_hmBKG1b L-FXiRe3BgEBIOceKFWrJ6yN0G7I2gI-FL97HhvztcwKcG6wn-zayINBS3saBlc30 41AXATNbT_V0jej42o6pycL3pWj4V8IRTfN--qp_Jd0992CWwl2H6ckRl5Zav5kyw FDKBbNQ3oSIQj2a6fX5hFBRV10BjXHqAviKjq0Kxlspj3oTuPs84mxxWwuNc7COt6 5eAsbk4misCQ8I1tb3ekPBp5IrD3O4ptKWeDHGTdBYtXyISTp_FOyrkzX3XlWeQrp LIwMKxZhzzgthYrASEB8sFpCpzGGsDGyvFBttWqB3TP-Xp0pmpkCgvqLMdx0s6-PI DRs1PsPLlCqkbjgng2vXYbDB-RxR37-_KgRNAS4cDUcb2Xyn8OwbPSBfk1q_I8ItC L8TfOxFbTkdrCSk6m8ebofSpFK_FatCvqnCFeuadlm9RSVyQO4sK8nSxXTud5yLGZ 8SVZ78_FMtDjyw94TTjQ_Hgji2Qm1tAtt4apLG6F5s_a3CVqBrdh8jrw4hWvKPyq0 UuSwloda-J4snVGdi-QeurTC_HFrG9W5D2l7upl6yUzF6jZil6t-o0xugWKS9iW_g I3hfsNjHjEiKx0NWHylcn7Ej15o6mVClxAp9QkQKUhIz4UIrLw6UcouanBK8XPHWo 1Mk1ZhF0OheMsD15wz33_V7Eo_clnb_ErF_XZJZvr2ynHoHEor6LYK58qi4ahbTJP ccNWZ62QktVEvKadmJcXl2Nr1bLuItezecosy0BHwCjzi82VAgDchZ8xWT4ns6eST PrjBcC2623Vqhb3u8_kpqNKFq9_gO7gfcj4JZNo5wd5ChImzKlECVcHusIi4cI349 J9tBOnUe-xIcvA12vaOO8MN938C71I6cPB4T3hWvIqECI9b8AmATPmJCKRRW5wT_W OASRkVZhP70I6clsYhem5sAmVtztm4GJaTYRM8gHNPgHeUuarvxAtuX-y3_JJiJop DiFCIUBsAXQmSzrFB2i2wnIXy0M9v1Vk3Qxsj3Nf9I4r3PGTHS3XzvR5hRxzwf6FX IxZlj90EStdlTNG8PGuP7NLFEBT2gMwtXjxCkazqyZeEtLwUDvDke61ryMZOqlao5 tMwsBSzFmm2GXvZCNPBRpBWCNZJx9hlaAVKbI400h-B9iP8NZjb_nZkE76rfRSv-q HoRD3MBTV0Uq-v87TuMvVIk05FC3DpFSduXBXbrG37ckSmMc-dugY80ifvdZm84xK FgJOMnpOmVenn6iW27xISV2Tfd5bfCyNz4BYPEHpeVgSTlw3SZI1CWGeTI6T33q-C xu3hUpFMXmbsn3PTschEVNeh3InrZ6GC-6qZfxZdHGmQKyghucfB5ldiJ8YiHdClp gRD4VXoJOUEWnITC7vZuamR-1Q9IVvri5DjVeZ6MLvQMTZZLObl6HyjwrW4w7GH83 wHLm5Fb-4ym6YbH9Aadm5R7nUFZjoECBvBJn3h2uLKkLGaXzgTJYYhK2bnt7AAC6J hDr1WySiRCPVrFe0-ON6FGYWVAez8G5IAaebG8lkDtxT188UO-6GzjV7Vh5sBIcQm aEsQv5jEkFl3U-MG15hcvXCebdbzpX1CGpMjYifDThac-VsX19YkOyhtFAssdQYvl y_C-13DaRW-PK7j4hkdjD0irQvu1LeAUDdSz9kmjF8AaaBsy6xStIFdrw1Ck5gD2t 23ZdeqSBGvGJnTIzvyeK3HCv8oKuJRQY6kcC1APzAUkjvgNbx70z7n08BSosb3Z1B e1mo2X8KU9fbUj-BJpyR6vITcc1VWwmvV7T6IM36sIhjrU-3IrP8d2bZZg5T1buRv 2V9nnGbLKF6b36BpKnQbt_bQsha5WzuQMmxX5nlrgMcAVO4CotMPTpvG7J-_7ddK2 vwK6EYekWGtEKmYQhw_kc7QAAERfH8bM5veixZqUAY6YxC5ibxyNEnbx1u2NwNdKX pZ3G5St2ZM1UovcF_I8e4MuzsZHJ4Kuxrg4RLXvMUQQn7WfAZL3uLZ_Ln27JGeMXN kH4sy8osYHRbzTPY1OtEJAmCelSk4JkydMyuwn48JrKCaIT_9LKvdY56bHrobSmvw V5L8fGCsSWVGWqNn3rhwBiNgIw", { Hallam-Baker Expires 17 April 2025 [Page 73] Internet-Draft Mesh Protocol Reference October 2024 "signatures":[{ "alg":"ED448", "kid":"MD2L-6M7C-Z3Z3-Q3AL-JFYI-ZIUC-BKUR", "signature":"gHExk7IRqx_fSpaKOp_X1HLy88WStnwZWO17k9 MekufjE7eaooRRDluULSK0DIvXbbfKC3hVlsgATCTqb5l68NkFhluvJ2z2MS7M2-h aRhY3Foa_5fMQdWC7--nkWF11jCh9eD_pXgaOIx0t17vVTT4A"} ], "WitnessValue":"rlT1c19N3iBlMXIAMd6bcobgDnH2Uv1m-C7VV90 Gnyk", "PayloadDigest":"LudFo4aZ5eOUbOhCRQ119Oe_5JJRye2FSlSkOM WSC4tJUmYeuYDyxAQxf82re75Zgps7wMnww5QwjCto-9WdRQ"} ], "ApplicationEntries":[{ "ApplicationEntrySsh":{ "EnvelopedActivation":[{ "enc":"A256CBC", "kid":"EBQH-IPF2-DRYU-N2VS-VMAI-MRHF-IZKT", "Salt":"eJdGrdqLp8RcPEEEXCgkmg", "recipients":[{ "kid":"MB5H-YYAQ-MKKT-5JCM-FWRL-HIJ2-6N7O", "epk":{ "PublicKeyECDH":{ "crv":"X448", "Public":"TFp8dAMe5wkLifcl5S3OgP3e8JPEBUx WRg1geI9NbXygTZWWTssJNlrE358qdw0RxjA-agAsScWA"}}, "wmk":"G7hWogNaI5S4osEN_QLNA5k8VEPRuoDSM3NF3t lBqtw8g7OypHpYQw"} ], "ContentMetaData":"ewogICJNZXNzYWdlVHlwZSI6ICJBY3 RpdmF0aW9uQXBwbGljYXRpb25Tc2giLAogICJjdHkiOiAiYXBwbGljYXRpb24vbW1 tL29iamVjdCIsCiAgIkNyZWF0ZWQiOiAiMjAyNC0xMC0xNFQxMzoxMDo1NloifQ"}, "GHk2FJEAip3mtk9ruFfCQ79sa63GkE9nWZ6WqngeJ4_kXRR7d0 4ZME3CZGfwTmveMT5qEw4WKWwj2r0nKHm9dFJpwp0BSY8-6kozVbzAM2gPW9CrLYI KoRBT_dxjst8KzusT8gNADy5Bw4-l-AB7ucnmzZiQkFDxM-zOi6KoTepieRUAtxXn OTUfkpGGnOAx8nAQfyYxQ5ShLHxXMdJs28am4vj7XMC9t7L10c9ioZGfVTFLfCxEl LjvUVff2xX9tnLwRYRaCthdX39m3ld1fBkV1ARkGF5yqQPTtrUuVggLaOwTr4EG9W UZAi2gSgNUrP8vBnkt5oEbZlO7de8h_X0DQRAENjnaz8xLM6Ns44k3YoMzF8ItbhK KwPUIM63rAatd8qTNXfKw-sguZnWKZnENeqlKvu6DayHUMFTEESUQBoYdSFv6QiHd jFqCQ19sHw2mnhRKqKhKCaViwWPk__dYjh8YlU4Ws8Ip-XGzfhOHh61VVzZdZ-aUO Uo-Mwomod1muK4FIgNmnijrbrE7lQJgkAbiUKtlm16Zj4h4fKNnqg59ujtupv6dxS 1hYEhDKZCMNtUwunz3kgX91S2wNL5B8sfHOs4h95OKJi9UNyvzOHGtrFZyyXu1cbf O8XvxSpp2EwqgJOUZL0nwFwK8UQ_1HPk6n6J_MbZ-zanADPMGjpdOUUxPYw5QO16V QQ-XinI0hrfv7YHlwwc8578Wg-Kf2sfpdZ3h2QUd3G-FSCgHyCt9Uqdpd1JAPrNOM eTplzJ-MDMhi6wTdUvY1O3GhZPJWfLtUtZthcQkrmF5yrIkmSdwQzziRR2FibF9Vn YfjlHL7AEBwfEoFV3QBTTMxEZQYd5-CCHMUIB32Qq25uihYPJxdswF7_7k6cxX0E0 FvtjCbiewiPwXyZNL25w20tnFVZOYdG90CTQ_yaj7YqocH27tSDv9pMuY0f5G1Iln 6gEyiZHsOSeE_p6J5KboO5uLfGOHMOaCLkNaYtFoB3e7mDnkATCRWZMnf06uQfgwt imUhI2JN0XZt7cJ8Jp4wWfzJLbtFH6FMlx8MA1HQrr30smK_gteZkewYvq6Uiuy5A Hallam-Baker Expires 17 April 2025 [Page 74] Internet-Draft Mesh Protocol Reference October 2024 DQi6lOqPt2HMxpoLKUK26jSGx9Vz46vjMz-R1XNO4MIVXwnMSxZVK4auHUoNMFbWC amTLdH-h18dNqO1b3NIjjC7QW5JImu14g_r3eYY7gr7zRihm6AumYRuPyZXF58n1v NeHXfjKUAa-rCfuh5q-vOpc9UvGnPW6ouV7jvDiZURV84prtnK_UltoBV9KvvCrhB GoSJvFh-RbfIKW2vaS9AlxBrpe9YbBe07ZZNM2YPkTiljkJ7-_7VDg7rRpRLssnRS Y6XHwIEAh7ZsG4weOk9SoZwX_DEJK2svpuGexyelMHHiFU2DDDg1D0zWJQDk2SzFy gqA6SO-P6DzZe4N5u9bFcIrM_hRJY7BDV0ww4SkvvYV680C3LI_918m0CnxwaJDPq HDa4fhYAQsXEZeHMXF5B8PMqnfeypU1gl3npN3u2phl1jUwBlqFZhwS6X3EnEGQbN IJsUhvwjohFWO1elxX2WjRtyOLSrRHl4FFu3S1ZkBvEl5TN5Ho6zu32EQLlI07cw1 0Gl-dA7TpI7lPMvkcW1pEEBWd59iLixBnPSrq1KkrJb-Vyl-Bo05W2v5Qzna_af_l J9FHwWatugiKb18QyFrhL6Kjo8tZScGjadDUdlwUC_d_r6YJMQY2yX0YBkuei14UX Zholy8JpUbLfa0gNs-WdFQCoinq4CAFdxfNikKlSVXPnF_sUEtKZiDG3SQ8jBOC-K 6YrT3caFRK2K0_wyhHC7HzooZSk89DR9pG0g1Kx3LE_E-6H38fyPOD-Y38JfmMa7w KjYhYNuYF1LfgD5dGk29Azq8KIHII8il7V82PvFKJt9RodreotvpGkEk56PxN27UX fIQVY8XgnsEbWWkmICPF__BEzDVK_6L3EJzyHMNGQMb9jwmVnklorDvv2KlxOMbCj pXlRg47-KcKxmqv8Kz_TMYs2HZVaHunrLsJRqIKTABXROVKl26sJXoV410cvMtb7f Z0a8_Nif8Hogvg30JaXg7-y88gbq87ZeYF5pLqjHQXO-RNrFZZWXZKOwhl9pk2Hx1 eu0D1xj87HqPF3RUspLtTf6GSGOhrGURhEsd-Vu9EqkPI_A0FRhYRIAlkIO3LJTlJ 1lWxC3fcWSdFNI9rHdl4oLzvfHMayRmCpkPRd9cFT7qvZ2ZNFsY84V5bWph1xPvWy sgSDXASnfAoaIY02bhuvCe6qaYtltPKxnYQFxisIaiBS1RNqR6gtVsvD0qJPBG1oT I-6Pk2yNLILS9U5-Z5hPAR8crXPlz__sOO-aDN-aWndm8IS7H-rODbLk_wg1QfLLS HCVjNml7qe21YaYfEgaRoe5lh4NuzXskRKpW5Sk1Yz7sghjv2MSgSj0NgpWkQTfYt mUic1RC8isRCKOpB8hj8jgVEiQYoeBmM76fYIBdX_9hehXtEclGwK5_qii-pQ5tqR zEqRrd3ULZ4O0aeJeEoNXG74Hzytj9TpfkvU1R5ZHgtnkS97WIe9ACaDBHpvmcYxc ou-IAmt6MP5HhbK45FtMteC8WqZQGrhdmCGW0_m7N0R81MJDirmcI9nP9ZRPAWooK mdhuiUX8B4XO52r7PpP46PAB9gWo2rh16VapCslRPbYXWxsiOT99RYn_YVBTJaUvK mWbELtOWCHY0rQKAO3W-yUlzLZAwX_fDa9P8R2tFdwuzdJ8OkyVWueNjn1kA2_UKQ oVTNe5jt7J7JszsKqHJ2UcCi5Oi03u05JX8NKgNajg9VqNpQUrySPmrFg6WY7hHXa lgz0icVrKEOtGpJQJtf2neengXBNnO8RedkmiEjETolHc_2h8su_eB45-DBYCXr7O qIRw8mMExFvyowMe_MeH7u8kpZX3t8bPD9M46xcOq2RF657j2Yr-0AKm2SRFLFMT5 n1J0l0Hk2va0TLVv3csLGHzl14BNXIbUhEWVe-Bns3RZflOM74JXS_jqYz419hEP_ MV3njzmVsTxfSVzMOizoLGyf8dfetSvpSyOXi5AVx8sege_Pp3TLx2AlxpofpVILM 9a6JCetP4vMdImjrvuIgcRPlaO1NjXZ_lPPlQYKYEN8FLVtPCQJsuM5kPZLGdp9sm Aeg-2AFf_oAZ_YxLTitkrfmVPb2so14gWi9i6-ptznY2ffH9UAFRpcAzDz13bRTMe 43slJvh3X0hqI0XxwSh1jq3pZe7YgOv8z2zsrMoXEN_UrE0xFlDal5cm1G2fI7K5Q 6nx6y84XKlE93BMZ7rJeUXi9Vu3x" ], "Identifier":"MBR3-LM6K-JRW2-JWYF-JK3C-SIA4-HG77"}} ]}, "MessageId":"MDDD-KNM4-KUZH-QVC4-KWLI-5NBW-T54I"}} 9.1.4. Phase 4 The device periodically polls for completion of the connection request using the Complete transaction. To provide a final check on the process, the command line tool presents the UDF of the account profile to which the device has connected if successful: Hallam-Baker Expires 17 April 2025 [Page 75] Internet-Draft Mesh Protocol Reference October 2024 Alice3> meshman device complete Device UDF = MBQD-CODE-XMWJ-QHE3-2KHZ-UKKF-TVVF Account = alice@example.com Account UDF = MBQC-7OHA-RNBA-FRDL-R4GI-YQHA-DL36 Alice3> meshman account sync The completion request specifies the witness value for the transaction whose completion is being queried: { "CompleteRequest":{ "AccountAddress":"alice@example.com", "ResponseID":"MDDD-KNM4-KUZH-QVC4-KWLI-5NBW-T54I"}} The Service responds to the complete request by checking to see if an entry has been added to the local spool. If so, this contains the RespondConnection message created by the administration device. 9.2. Preconfigured (Static QR Code) The preconfigured device connection interaction is used to connect devices that lack affordances such as a display or a keyboard. It is also known as the static QR code interaction because a static QR code printed on the device itself is used to connect it to a user's account. *Future*: Note that this interaction is likely to be changed substantially in future revisions of the specification and the Claim/ PollClaim mechanism removed and replaced with a messaging based approach. The interaction has five phases: Phase 1: Preconfiguration The device to be onboarded is preconfigured with a ProfileDevice and private key information and a DeviceDescription posted to a publication service. This process is typically performed during manufacture. An EARL providing the ability to locate and decrypt the description is printed on the device itself as a QR code. Phase 2: Device description acquisition The administration device acquiring the onboarding device scans the QR code on the device and uses this information to obtain the device description by means of a Claim operation described above as described in the Device Description. Phase 3: Administration Device Acceptance This phase is performed in Hallam-Baker Expires 17 April 2025 [Page 76] Internet-Draft Mesh Protocol Reference October 2024 the same manner as the Dynamic QR Code (PIN) Authenticated interaction except that the administration device MAY advise the device that a connection request is being made by additional means described in the device description (e.g. WiFi, Bluetooth). Phase 4: Poll Claim Notification When connected to a network, the preconfigured device periodically attempts to poll the connection sources specified to find out if there is a pending request. If a connection request is posted, the device decrypts it to allow it to complete the connection process. Phase 5: Onboarding Device Completion This phase is performed in the same manner as the Dynamic QR Code (PIN) Authenticated interaction except that the administration device requires notice that of the pending connection request. The main differences between this connection interaction and the witness/PIN connection interactions are that the device is preconfigured with the device profile at the time of manufacture and the onboarding device MAY be acquiring network configuration information during the connection process. 9.2.1. Phase 1 The manufacturer preconfigures the device Maker> meshman device preconfig Device UDF: MBQK-36BF-K7RS-UDWD-PVC3-CVMR-BJCP File: EBH3-DT6M-G2WA-EF7E-DA42-DN55-7E.medk This results in the creation of a primary secret which is used to compute a ProfileDevice and corresponding connection records signed by the manufacturer's administrator key. The data is combined to create a DevicePreconfiguration record that is provisioned to the firmware of the device being preconfigured. { "DevicePreconfigurationPrivate":{ "EnvelopedConnectionDevice":[{ "ContentMetaData":"ewogICJNZXNzYWdlVHlwZSI6ICJDb25uZWN0aW 9uRGV2aWNlIiwKICAiY3R5IjogImFwcGxpY2F0aW9uL21tbS9vYmplY3QiLAogICJ DcmVhdGVkIjogIjIwMjQtMTAtMTRUMTM6MTA6NThaIn0", "dig":"S512"}, "ewogICJDb25uZWN0aW9uRGV2aWNlIjogewogICAgIlNpZ25hdHVyZSI6IH sKICAgICAgIlVkZiI6ICJNRFY1LUVJQ0ktSk5GVi0zNUs3LUlQREctNkNWNy1OU1Y 1IiwKICAgICAgIlB1YmxpY1BhcmFtZXRlcnMiOiB7CiAgICAgICAgIlB1YmxpY0tl eUVDREgiOiB7CiAgICAgICAgICAiY3J2IjogIkVkNDQ4IiwKICAgICAgICAgICJQd Hallam-Baker Expires 17 April 2025 [Page 77] Internet-Draft Mesh Protocol Reference October 2024 WJsaWMiOiAiQVVPMUIyR1RLNGZjSk9rUFlNN0RJa3VDT2s0SWNJbHFzTGZuQVlnQS 1BQ0dhZmNvUFZCdQogIEJDSGYzR2JDMEx2bHBiS2cwNmliREh5QSJ9fX0sCiAgICA iRW5jcnlwdGlvbiI6IHsKICAgICAgIlVkZiI6ICJNQkZGLUVTUDMtVk5YWS1EWUhM LTVNSkktVjRLNy1WN1dOIiwKICAgICAgIlB1YmxpY1BhcmFtZXRlcnMiOiB7CiAgI CAgICAgIlB1YmxpY0tleUVDREgiOiB7CiAgICAgICAgICAiY3J2IjogIlg0NDgiLA ogICAgICAgICAgIlB1YmxpYyI6ICJMd2oxNlE3QmNraWU3ZU9jMG85NXJYbGZ6enh rSDFFTGVCMGxlLURJdklxemVpeHlocjZhCiAgTjRTSV94Vzh6eGwxSGVSclRKN1lh Uy1BIn19fSwKICAgICJBdXRoZW50aWNhdGlvbiI6IHsKICAgICAgIlVkZiI6ICJNQ kZGLUVTUDMtVk5YWS1EWUhMLTVNSkktVjRLNy1WN1dOIiwKICAgICAgIlB1YmxpY1 BhcmFtZXRlcnMiOiB7CiAgICAgICAgIlB1YmxpY0tleUVDREgiOiB7CiAgICAgICA gICAiY3J2IjogIlg0NDgiLAogICAgICAgICAgIlB1YmxpYyI6ICJMd2oxNlE3QmNr aWU3ZU9jMG85NXJYbGZ6enhrSDFFTGVCMGxlLURJdklxemVpeHlocjZhCiAgTjRTS V94Vzh6eGwxSGVSclRKN1lhUy1BIn19fX19", { "signatures":[{ "alg":"ED448", "kid":"MD66-B7Q7-HWEB-UAF6-PWNM-YVBH-HXE7", "signature":"T5q8Ygyj3aM5tDzUmjoFMAVdGasi0PF1SZlgFYCl 3kCT5_NZrd5iuGcJetwaq0bINEJHDjUppQuAdbpe8eZPlJBtTo8EBksurd04sqf1U NIokTq5HA-eXh45bjPkOGjwZmBBO46LlyQDG_kq-6roUw0A"} ], "PayloadDigest":"CQupHrY2ASmhF8QOcXCnjid4nC6wlVlUk9cxmIUc MGC1_YLhJwc7wpE-EfoDCcmkTtRCPmwq1tmdX88VClLkSw"} ], "EnvelopedConnectionService":[{ "ContentMetaData":"ewogICJNZXNzYWdlVHlwZSI6ICJDb25uZWN0aW 9uU2VydmljZSIsCiAgImN0eSI6ICJhcHBsaWNhdGlvbi9tbW0vb2JqZWN0IiwKICA iQ3JlYXRlZCI6ICIyMDI0LTEwLTE0VDEzOjEwOjU4WiJ9", "dig":"S512"}, "ewogICJDb25uZWN0aW9uU2VydmljZSI6IHsKICAgICJBdXRoZW50aWNhdG lvbiI6IHsKICAgICAgIlVkZiI6ICJNQkZGLUVTUDMtVk5YWS1EWUhMLTVNSkktVjR LNy1WN1dOIiwKICAgICAgIlB1YmxpY1BhcmFtZXRlcnMiOiB7CiAgICAgICAgIlB1 YmxpY0tleUVDREgiOiB7CiAgICAgICAgICAiY3J2IjogIlg0NDgiLAogICAgICAgI CAgIlB1YmxpYyI6ICJMd2oxNlE3QmNraWU3ZU9jMG85NXJYbGZ6enhrSDFFTGVCMG xlLURJdklxemVpeHlocjZhCiAgTjRTSV94Vzh6eGwxSGVSclRKN1lhUy1BIn19fX1 9", { "signatures":[{ "alg":"ED448", "kid":"MD66-B7Q7-HWEB-UAF6-PWNM-YVBH-HXE7", "signature":"4FkfmdMX6sWMQ5zskF7V_1UsoBTBKVVQtYigF41m MGOx1_yTQtpDs1lnqxmBt6yAtjfUvv1NsG2AdYx425rJ5-lryqyud6m-MNoTCUeWW wuO0jGMpaw2PyjFUFh62_k5fGDzZVgqx-larLbwVf6vFQsA"} ], "PayloadDigest":"z4aP8rSa_WxiufLZcZmhBbJd-3OCz70GX4gIkH0y U4LCO8QdoX-4iAbwfwylksQDTtNbKmVfxQam4MCT-2oKZw"} ], "PrivateKey":{ Hallam-Baker Expires 17 April 2025 [Page 78] Internet-Draft Mesh Protocol Reference October 2024 "PrivateKeyUDF":{ "PrivateValue":"ZAAQ-AUKH-YPXV-5NTI-ZVIK-4Q2D-EFAP-UR7Y-5XX N-EDXE-HX3O-LYFS-BJOU-CMQE", "KeyType":"MeshProfileDevice", "RootSignAlgorithms":["ED448" ]}}, "ConnectUri":"mcd://maker@example.com/EBH3-DT6M-G2WA-EF7E-DA42- DN55-7E", "EnvelopedProfileDevice":[{ "EnvelopeId":"MBQK-36BF-K7RS-UDWD-PVC3-CVMR-BJCP", "ContentMetaData":"ewogICJVbmlxdWVJZCI6ICJNQlFLLTM2QkYtSz dSUy1VRFdELVBWQzMtQ1ZNUi1CSkNQIiwKICAiTWVzc2FnZVR5cGUiOiAiUHJvZml sZURldmljZSIsCiAgImN0eSI6ICJhcHBsaWNhdGlvbi9tbW0vb2JqZWN0IiwKICAi Q3JlYXRlZCI6ICIyMDI0LTEwLTE0VDEzOjEwOjU4WiJ9", "dig":"S512"}, "ewogICJQcm9maWxlRGV2aWNlIjogewogICAgIkVuY3J5cHRpb24iOiB7Ci AgICAgICJVZGYiOiAiTUJGRi1FU1AzLVZOWFktRFlITC01TUpJLVY0SzctVjdXTiI sCiAgICAgICJQdWJsaWNQYXJhbWV0ZXJzIjogewogICAgICAgICJQdWJsaWNLZXlF Q0RIIjogewogICAgICAgICAgImNydiI6ICJYNDQ4IiwKICAgICAgICAgICJQdWJsa WMiOiAiTHdqMTZRN0Jja2llN2VPYzBvOTVyWGxmenp4a0gxRUxlQjBsZS1ESXZJcX plaXh5aHI2YQogIE40U0lfeFc4enhsMUhlUnJUSjdZYVMtQSJ9fX0sCiAgICAiU2l nbmF0dXJlIjogewogICAgICAiVWRmIjogIk1EVjUtRUlDSS1KTkZWLTM1SzctSVBE Ry02Q1Y3LU5TVjUiLAogICAgICAiUHVibGljUGFyYW1ldGVycyI6IHsKICAgICAgI CAiUHVibGljS2V5RUNESCI6IHsKICAgICAgICAgICJjcnYiOiAiRWQ0NDgiLAogIC AgICAgICAgIlB1YmxpYyI6ICJBVU8xQjJHVEs0ZmNKT2tQWU03RElrdUNPazRJY0l scXNMZm5BWWdBLUFDR2FmY29QVkJ1CiAgQkNIZjNHYkMwTHZscGJLZzA2aWJESHlB In19fSwKICAgICJBdXRoZW50aWNhdGlvbiI6IHsKICAgICAgIlVkZiI6ICJNQVZHL VlXWVYtMlVXNy1MU1QzLUFQQkctUkw3SC1ONTMzIiwKICAgICAgIlB1YmxpY1Bhcm FtZXRlcnMiOiB7CiAgICAgICAgIlB1YmxpY0tleUVDREgiOiB7CiAgICAgICAgICA iY3J2IjogIlg0NDgiLAogICAgICAgICAgIlB1YmxpYyI6ICJyRlZGUi1jTDZjdWNU U3JmRm4xNDZYVE9kMWgzSkdBM0hrQ0VlYkNzaUEzT3dWQXBkN2ZsCiAgZ0Z4Zlh0d lkzVXRpNmlRd1RTdmVFWmtBIn19fSwKICAgICJSb290VWRmcyI6IFsiWU5lVGVBYk l4NVdSdEN4Q3llbnBqYWJKVlJuOERUbGF1SFBUZFFUYnRJOEFHblY1bk8KICBWM1l PWENlRFlRZTk5VnFIcWZwYi10MFZxSjI5blZKRW1yUEpNIl19fQ", { "signatures":[{ "alg":"ED448", "kid":"MDLZ-G6AG-ZDDZ-LENU-FRBM-T2PJ-RWTM", "SignatureKey":{ "PublicKeyECDH":{ "crv":"Ed448", "Public":"WPX0CBEOzgJWHVJqiyTAr4MrieFJQYzdutZML5- MnHsfF7KfRmGxsUR9eppBIKTFhzLaRhd06XmA"}}, "signature":"s1AVL-omThJqK3LTFXtg58xvRBZoeansc39u4rqT iKRHKrCQx-11PG9b0Vq-VC_MRWxbCwZenawAo4fBnNnpNvtbNGUaALlFVvLK5nPZV O6nY6gA_i3ID9ZrUTxYJz0lbj-ZTIt6NZOGxTJX4yxJiC8A"} ], "PayloadDigest":"OrZNsRzLz7olETFljSpKbdG1bNjj5MBr-ireuPK6 Hallam-Baker Expires 17 April 2025 [Page 79] Internet-Draft Mesh Protocol Reference October 2024 Sn9-ARWs4E3Xk2_HvrHA7cySavkX6anRBSGzQ5uYty0_Ow"} ]}} An EARL is created specifying the means by which an administration device can acquire the information required to complete a connection to the device: QR = {Connect.ConnectEARL} The preconfigured ProfileDevice is encrypted under the encryption key and published to the location key derived from the EARL. 9.2.2. Phase 2 & 3 The administration device scans the QR code and obtains the Device Description using the Claim operation as shown in section $$$$. The administration device creates the ActivationDevice and CatalogedDevice records and populates the service as before. Alice> meshman account connect ^ mcd://maker@example.com/EBH3-DT6M-G2WA-EF7E-DA42-DN55-7E /web 9.2.3. Phase 4 The device polls the publication service until a claim message is returned. Alice4> meshman device complete Device UDF = MBQK-36BF-K7RS-UDWD-PVC3-CVMR-BJCP Account = alice@example.com Account UDF = MBQC-7OHA-RNBA-FRDL-R4GI-YQHA-DL36 9.2.4. Phase 5 Having been advised that an account has published a claim to bind to it, the device posts a connection Complete request to the specified account and completes the connection process as before. 10. Protocol Schema HTTP Well Known Service Prefix: /.well-known/mmm Hallam-Baker Expires 17 April 2025 [Page 80] Internet-Draft Mesh Protocol Reference October 2024 Every Mesh Portal Service transaction consists of exactly one request followed by exactly one response. Mesh Service transactions MAY cause modification of the data stored in the Mesh Service or the Mesh itself but do not cause changes to the connection state. The protocol itself is thus idempotent. There is no set sequence in which operations are required to be performed. It is not necessary to perform a Hello transaction prior to any other transaction. 10.1. Request Messages A Mesh Portal Service request consists of a payload object that inherits from the MeshRequest class. When using the HTTP binding, the request MUST specify the portal DNS address in the HTTP Host field. 10.1.1. Message: MeshRequest Base class for all request messages. [No fields] 10.1.2. Message: MeshRequestUser Base class for all request messages made by a user. Inherits: MeshRequest Account: String (Optional) The fully qualified account name (including DNS address) to which the request is directed. Capability: String (Optional) The identifier of the capability under which access is claimed. EnvelopedProfileDevice: Enveloped (Optional) Device profile of the device making the request. 10.2. Response Messages A Mesh Portal Service response consists of a payload object that inherits from the MeshResponse class. When using the HTTP binding, the response SHOULD report the Status response code in the HTTP response message. However the response code returned in the payload object MUST always be considered authoritative. 10.2.1. Message: MeshResponse Base class for all response messages. Contains only the status code and status description fields. Hallam-Baker Expires 17 April 2025 [Page 81] Internet-Draft Mesh Protocol Reference October 2024 [No fields] 10.3. Imported Objects The Mesh Service protocol makes use of JSON objects defined in the JOSE Signatgure and Encryption specifications and in the DARE Data At Rest Encryption extensions to JOSE. 10.4. Common Structures The following common structures are used in the protocol messages: 10.4.1. Structure: KeyValue Describes a Key/Value structure used to make queries for records matching one or more selection criteria. Key: String (Optional) The data retrieval key. Value: String (Optional) The data value to match. 10.4.2. Structure: ConstraintsSelect Specifies constraints to be applied to a search result. These allow a client to limit the number of records returned, the quantity of data returned, the earliest and latest data returned, etc. Store: String (Optional) The container to be searched. IndexMin: Integer (Optional) Only return objects with an index value that is equal to or higher than the value specified. IndexMax: Integer (Optional) Only return objects with an index value that is equal to or lower than the value specified. NotBefore: DateTime (Optional) Only data published on or after the specified time instant is requested. Before: DateTime (Optional) Only data published before the specified time instant is requested. This excludes data published at the specified time instant. PageKey: String (Optional) Specifies a page key returned in a previous search operation in which the number of responses exceeded the specified bounds. Hallam-Baker Expires 17 April 2025 [Page 82] Internet-Draft Mesh Protocol Reference October 2024 When a page key is specified, all the other search parameters except for MaxEntries and MaxBytes are ignored and the service returns the next set of data responding to the earlier query. 10.4.3. Structure: ConstraintsData Specifies constraints on the data to be sent. MaxEntries: Integer (Optional) Maximum number of entries to send. BytesOffset: Integer (Optional) Specifies an offset to be applied to the payload data before it is sent. This allows large payloads to be transferred incrementally. BytesMax: Integer (Optional) Maximum number of payload bytes to send. Header: Boolean (Optional) Return the entry header Payload: Boolean (Optional) Return the entry payload Trailer: Boolean (Optional) Return the entry trailer 10.4.4. Structure: PolicyAccount Describes the account creation policy including constraints on account names, whether there is an open account creation policy, etc. Minimum: Integer (Optional) Specifies the minimum length of an account name. Maximum: Integer (Optional) Specifies the maximum length of an account name. InvalidCharacters: String (Optional) A list of characters that the service does not accept in account names. The list of characters MAY not be exhaustive but SHOULD include any illegal characters in the proposed account name. 10.4.5. Structure: StoreStatus Store: String (Optional) Index: Integer (Optional) Digest: Binary (Optional) In a status response, the apex digest value of the store whose status is reported. Hallam-Baker Expires 17 April 2025 [Page 83] Internet-Draft Mesh Protocol Reference October 2024 10.4.6. Structure: StoreUpdate Inherits: StoreStatus Envelopes: DareEnvelope [0..Many] The entries to be uploaded. Partial: Boolean (Optional) If false, the store update does not contain the last index entry in the store. FinalIndex: Integer (Optional) If the value Partial is true, this value MUST specify the index value of the last entry in the store. 10.5. Transaction: Hello Request: HelloRequest Response: MeshHelloResponse Report service and version information. The Hello transaction provides a means of determining which protocol versions, message encodings and transport protocols are supported by the service. The PostConstraints field MAY be used to advise senders of a maximum size of payload that MAY be sent in an initial Post request. 10.5.1. Message: MeshHelloRequest CallsignBinding: CallsignBinding (Optional) Contains a proposed callsign binding to the account. 10.5.2. Message: MeshHelloResponse ConstraintsUpdate: ConstraintsData (Optional) Specifies the default data constraints for updates. ConstraintsPost: ConstraintsData (Optional) Specifies the default data constraints for message senders. PolicyAccount: PolicyAccount (Optional) Specifies the account creation policy EnvelopedProfileService: Enveloped (Optional) The enveloped master profile of the service. CallsignBinding: CallsignBinding (Optional) If the request specifies Hallam-Baker Expires 17 April 2025 [Page 84] Internet-Draft Mesh Protocol Reference October 2024 a callsign binding, returns a proposed binding for the requested callsign. 10.6. Transaction: BindAccount Request: BindRequest Response: BindResponse Request binding of an account to the service. This method is called during account creation and binding. The operation is called Bind rather than Create because the account is created by the user, not the service. 10.6.1. Message: BindRequest Request binding of an account to a service address. Inherits: MeshRequest AccountAddress: String (Optional) The service account to bind to. EnvelopedProfileAccount: Enveloped (Optional) The signed assertion describing the account. EnvelopedCallsignBinding: Enveloped [0..Many] Contains one or more bindings of a callsign to the account. 10.6.2. Message: BindResponse Inherits: MeshResponse Reports the success or failure of a Create transaction. Reason: String (Optional) Text explaining the status of the creation request. URL: String (Optional) A URL to which the user is directed to complete the account creation request. EnvelopedAccountHostAssignment: Enveloped (Optional) The enveloped assignment describing how the client should discover the host and encrypt data to it. Hallam-Baker Expires 17 April 2025 [Page 85] Internet-Draft Mesh Protocol Reference October 2024 10.7. Transaction: UnbindAccount Request: UnbindRequest Response: UnbindResponse Request deletion of a service account. 10.7.1. Message: UnbindRequest Request creation of a new portal account. The request specifies the requested account identifier and the Mesh profile to be associated with the account. Inherits: MeshRequestUser [No fields] 10.7.2. Message: UnbindResponse Inherits: MeshResponse Reports the success or failure of a Delete transaction. [No fields] 10.8. Transaction: Connect Request: ConnectRequest Response: ConnectResponse Request information necessary to begin making a connection request. 10.8.1. Message: ConnectRequest Inherits: MeshRequest EnvelopedRequestConnection: Enveloped (Optional) The connection request generated by the client Rights: String [0..Many] List of named access rights. 10.8.2. Message: ConnectResponse Inherits: MeshResponse EnvelopedAcknowledgeConnection: Enveloped (Optional) The connection Hallam-Baker Expires 17 April 2025 [Page 86] Internet-Draft Mesh Protocol Reference October 2024 request generated by the client EnvelopedProfileAccount: Enveloped (Optional) The user profile that provides the root of trust for this Mesh 10.9. Transaction: Complete Request: CompleteRequest Response: CompleteResponse 10.9.1. Message: CompleteRequest Inherits: StatusRequest AccountAddress: String (Optional) ResponseID: String (Optional) 10.9.2. Message: CompleteResponse Inherits: MeshResponse EnvelopedRespondConnection: Enveloped (Optional) The signed assertion describing the result of the connect request EnvelopedAccountHostAssignment: Enveloped (Optional) The enveloped assignment describing how the client should discover the host and encrypt data to it. 10.10. Transaction: Status Request: StatusRequest Response: StatusResponse 10.10.1. Message: StatusRequest Inherits: MeshRequestUser DeviceUDF: String (Optional) CatalogedDeviceDigest: String (Optional) Catalogs: String [0..Many] Spools: String [0..Many] Hallam-Baker Expires 17 April 2025 [Page 87] Internet-Draft Mesh Protocol Reference October 2024 Services: String [0..Many] DeviceStatus: Boolean (Optional) 10.10.2. Message: StatusResponse Inherits: MeshResponse Bitmask: Binary (Optional) EnvelopedProfileAccount: Enveloped (Optional) The account profile providing the root of trust for this account. EnvelopedCatalogedDevice: Enveloped (Optional) The catalog device entry CatalogedDeviceDigest: String (Optional) StoreStatus: StoreStatus [0..Many] EnvelopedAccountHostAssignment: Enveloped (Optional) The enveloped assignment describing how the client should discover the host and encrypt data to it. Services: ServiceAccessToken [0..Many] A series of access tokens for the requested services. DeviceStatuses: DeviceStatus [0..Many] 10.10.3. Structure: DeviceStatus Id: String (Optional) Status: String (Optional) Comment: String (Optional) LastConnected: DateTime (Optional) 10.11. Transaction: Download Request: DownloadRequest Response: DownloadResponse Request objects from the specified container with the specified search criteria. Hallam-Baker Expires 17 April 2025 [Page 88] Internet-Draft Mesh Protocol Reference October 2024 10.11.1. Message: DownloadRequest Inherits: MeshRequestUser Request objects from the specified container(s). A client MAY request only objects matching specified search criteria be returned and MAY request that only specific fields or parts of the payload be returned. MaxResults: Integer (Optional) The maximum number of results to be returned. DeviceUDF: String (Optional) CatalogedDeviceDigest: String (Optional) Select: ConstraintsSelect [0..Many] Specifies constraints to be applied to a search result. These allow a client to limit the number of records returned, the quantity of data returned, the earliest and latest data returned, etc. ConstraintsPost: ConstraintsData (Optional) Specifies the data constraints to be applied to the responses. 10.11.2. Message: DownloadResponse Inherits: MeshResponse Return the set of objects requested. Services SHOULD NOT return a response that is disproportionately large relative to the speed of the network connection without a clear indication from the client that it is relevant. A service MAY limit the number of objects returned. A service MAY limit the scope of each response. Updates: StoreUpdate [0..Many] The updated data CatalogedDeviceDigest: String (Optional) EnvelopedCatalogedDevice: Enveloped (Optional) The catalog device entry. This is only returned if the 10.12. Transaction: Transact Request: TransactRequest Hallam-Baker Expires 17 April 2025 [Page 89] Internet-Draft Mesh Protocol Reference October 2024 Response: TransactResponse Attempt an atomic transaction on the containers and spools associated with an account. 10.12.1. Message: TransactRequest Inherits: MeshRequestUser Upload entries to a container. This request is only valid if it is issued by the owner of the account Updates: StoreUpdate [0..Many] The data to be updated Accounts: String [0..Many] The account(s) to which the request is directed. Outbound: Enveloped [0..Many] The messages to be sent to other accounts Inbound: Enveloped [0..Many] Messages to be appended to the user's inbound spool. this is typically used to post notifications to the user to mark messages as having been read or responded to. Local: Enveloped [0..Many] Messages to be appended to the user's local spool. This is used to allow connecting devices to collect activation messages before they have connected to the mesh. 10.12.2. Message: TransactResponse Inherits: MeshResponse Response to an upload request. Bitmask: Binary (Optional) Entries: EntryResponse [0..Many] The responses to the entries. ConstraintsData: ConstraintsData (Optional) If the upload request contains redacted entries, specifies constraints that apply to the redacted entries as a group. Thus the total payloads of all the messages must not exceed the specified value. 10.12.3. Structure: EntryResponse IndexRequest: Integer (Optional) The index value of the entry in the request. Hallam-Baker Expires 17 April 2025 [Page 90] Internet-Draft Mesh Protocol Reference October 2024 IndexContainer: Integer (Optional) The index value assigned to the entry in the container. Result: String (Optional) Specifies the result of attempting to add the entry to a catalog or spool. Valid values for a message are 'Accept', 'Reject'. Valid values for an entry are 'Accept', 'Reject' and 'Conflict'. ConstraintsData: ConstraintsData (Optional) If the entry was redacted, specifies constraints that apply to the redacted entries as a group. Thus the total payloads of all the messages must not exceed the specified value. 10.13. Transaction: PublicRead Request: PublicRequest Response: DownloadResponse Request objects from the specified container with the specified search criteria. 10.13.1. Message: PublicRequest Inherits: DownloadRequest Request download from a public store (which may be encrypted). [No fields] 10.14. Transaction: Post Request: PostRequest Response: PostResponse Request to post to a spool from an external party. The request and response messages are extensions of the corresponding messages for the Upload transaction. It is expected that additional fields will be added as the need arises. 10.14.1. Message: PostRequest Inherits: MeshRequest Accounts: String [0..Many] The account(s) to which the request is directed. Hallam-Baker Expires 17 April 2025 [Page 91] Internet-Draft Mesh Protocol Reference October 2024 Messages: Enveloped [0..Many] The messages to be sent to the addresses specified in Accounts. 10.14.2. Message: PostResponse Inherits: TransactResponse [No fields] 10.15. Transaction: Claim Request: ClaimRequest Response: ClaimResponse Claim a publication 10.15.1. Message: ClaimRequest Inherits: MeshRequest EnvelopedMessageClaim: Enveloped (Optional) The claim message 10.15.2. Message: ClaimResponse Inherits: MeshResponse CatalogedPublication: CatalogedPublication (Optional) The encrypted device profile 10.16. Transaction: PollClaim Request: PollClaimRequest Response: PollClaimResponse Check party making claim 10.16.1. Message: PollClaimRequest Inherits: MeshRequest PublicationId: String (Optional) The envelope identifier formed from the PublicationId. TargetAccountAddress: String (Optional) Account to which the claim is directed Hallam-Baker Expires 17 April 2025 [Page 92] Internet-Draft Mesh Protocol Reference October 2024 10.16.2. Message: PollClaimResponse Inherits: MeshResponse EnvelopedMessage: Enveloped (Optional) The claim message 10.16.3. Structure: CryptographicOperation KeyId: String (Optional) The key identifier KeyCoefficient: Binary (Optional) Lagrange coefficient multiplier to be applied to the private key 10.16.4. Structure: CryptographicOperationSign Inherits: CryptographicOperation Data: Binary (Optional) The data to sign PartialR: Binary (Optional) Contribution to the R offset. 10.16.5. Structure: CryptographicOperationKeyAgreement Inherits: CryptographicOperation [No fields] 10.16.6. Structure: CryptographicOperationGenerate Inherits: CryptographicOperation [No fields] 10.16.7. Structure: CryptographicOperationShare Inherits: CryptographicOperation Threshold: Integer (Optional) Shares: Integer (Optional) 10.16.8. Structure: CryptographicResult Error: String (Optional) Hallam-Baker Expires 17 April 2025 [Page 93] Internet-Draft Mesh Protocol Reference October 2024 10.16.9. Structure: CryptographicResultKeyAgreement Inherits: CryptographicResult [No fields] 10.16.10. Structure: CryptographicResultShare Inherits: CryptographicResult [No fields] 10.17. Transaction: Operate Request: OperateRequest Response: OperateResponse Perform a set of cryptographic operations 10.17.1. Message: OperateRequest Inherits: MeshRequest AccountAddress: String (Optional) The service account the capability is bound to 10.17.2. Message: OperateResponse Inherits: MeshResponse [No fields] 11. Security Considerations The security considerations for use and implementation of Mesh services and applications are described in the Mesh Security Considerations guide [draft-hallambaker-mesh-security]. 12. IANA Considerations All the IANA considerations for the Mesh documents are specified in this document 13. Acknowledgements A list of people who have contributed to the design of the Mesh is presented in [draft-hallambaker-mesh-architecture]. Hallam-Baker Expires 17 April 2025 [Page 94] Internet-Draft Mesh Protocol Reference October 2024 14. Normative References [draft-hallambaker-jsonbcd] Hallam-Baker, P., "Binary Encodings for JavaScript Object Notation: JSON-B, JSON-C, JSON-D", Work in Progress, Internet-Draft, draft-hallambaker-jsonbcd-24, 28 June 2023, . [draft-hallambaker-mesh-architecture] Hallam-Baker, P., "Mathematical Mesh 3.0 Part I: Architecture Guide", Work in Progress, Internet-Draft, draft-hallambaker-mesh-architecture-22, 28 June 2023, . [draft-hallambaker-mesh-rud] Hallam-Baker, P., "Mathematical Mesh 3.0 Part VI: Reliable User Datagram", Work in Progress, Internet-Draft, draft- hallambaker-mesh-rud-03, 28 June 2023, . [draft-hallambaker-mesh-schema] Hallam-Baker, P., "Mathematical Mesh 3.0 Part IV: Schema Reference", Work in Progress, Internet-Draft, draft- hallambaker-mesh-schema-12, 28 June 2023, . [draft-hallambaker-mesh-security] Hallam-Baker, P., "Mathematical Mesh 3.0 Part IX Security Considerations", Work in Progress, Internet-Draft, draft- hallambaker-mesh-security-09, 20 April 2022, . [draft-hallambaker-mesh-udf] Hallam-Baker, P., "Mathematical Mesh 3.0 Part II: Uniform Data Fingerprint.", Work in Progress, Internet-Draft, draft-hallambaker-mesh-udf-18, 28 June 2023, . [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, . Hallam-Baker Expires 17 April 2025 [Page 95] Internet-Draft Mesh Protocol Reference October 2024 15. Informative References [draft-hallambaker-mesh-developer] Hallam-Baker, P., "Mathematical Mesh: Reference Implementation", Work in Progress, Internet-Draft, draft- hallambaker-mesh-developer-11, 28 June 2023, . Author's Address Phillip Hallam-Baker ThresholdSecrets.com Email: phill@hallambaker.com Hallam-Baker Expires 17 April 2025 [Page 96]